diff --git a/sdk/security/azure-mgmt-security/_meta.json b/sdk/security/azure-mgmt-security/_meta.json index 4fcd76c66d92..981367894be9 100644 --- a/sdk/security/azure-mgmt-security/_meta.json +++ b/sdk/security/azure-mgmt-security/_meta.json @@ -4,7 +4,7 @@ "@autorest/python@5.8.4", "@autorest/modelerfour@4.19.2" ], - "commit": "a8719243647b7c6d06ed287483d788808de7ecab", + "commit": "c344ba9a712e9b29524aecf8dd62501aa9ee56e1", "repository_url": "https://github.com/Azure/azure-rest-api-specs", "autorest_command": "autorest specification/security/resource-manager/readme.md --multiapi --python --python-mode=update --python-sdks-folder=/home/vsts/work/1/s/azure-sdk-for-python/sdk --track2 --use=@autorest/python@5.8.4 --use=@autorest/modelerfour@4.19.2 --version=3.4.5", "readme": "specification/security/resource-manager/readme.md" diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/_metadata.json b/sdk/security/azure-mgmt-security/azure/mgmt/security/_metadata.json index 57c07b73f3a8..6e8fb6fcd873 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/_metadata.json +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/_metadata.json @@ -1,6 +1,6 @@ { "chosen_version": "", - "total_api_version_list": ["2015-06-01-preview", "2017-08-01", "2017-08-01-preview", "2018-06-01", "2019-01-01", "2019-01-01-preview", "2019-08-01", "2020-01-01", "2020-01-01-preview", "2020-07-01-preview", "2021-01-01", "2021-01-15-preview", "2021-05-01-preview", "2021-07-01"], + "total_api_version_list": ["2015-06-01-preview", "2017-08-01", "2017-08-01-preview", "2018-06-01", "2019-01-01", "2019-01-01-preview", "2019-08-01", "2020-01-01", "2020-01-01-preview", "2020-07-01-preview", "2021-01-01", "2021-01-15-preview", "2021-05-01-preview", "2021-06-01", "2021-07-01", "2021-07-01-preview", "2021-10-01-preview"], "client": { "name": "SecurityCenter", "filename": "_security_center", @@ -110,6 +110,9 @@ "async_imports": "{\"regular\": {\"azurecore\": {\"azure.core.configuration\": [\"Configuration\"], \"azure.core.pipeline\": [\"policies\"], \"azure.mgmt.core.policies\": [\"ARMHttpLoggingPolicy\"]}, \"local\": {\".._version\": [\"VERSION\"]}}, \"conditional\": {\"stdlib\": {\"typing\": [\"Any\"]}}, \"typing\": {\"azurecore\": {\"azure.core.credentials_async\": [\"AsyncTokenCredential\"]}}}" }, "operation_groups": { + "mde_onboardings": "MdeOnboardingsOperations", + "custom_assessment_automations": "CustomAssessmentAutomationsOperations", + "custom_entity_store_assignments": "CustomEntityStoreAssignmentsOperations", "compliance_results": "ComplianceResultsOperations", "pricings": "PricingsOperations", "advanced_threat_protection": "AdvancedThreatProtectionOperations", @@ -154,6 +157,7 @@ "alerts": "AlertsOperations", "settings": "SettingsOperations", "ingestion_settings": "IngestionSettingsOperations", - "software_inventories": "SoftwareInventoriesOperations" + "software_inventories": "SoftwareInventoriesOperations", + "security_connectors": "SecurityConnectorsOperations" } } \ No newline at end of file diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py index 0c411e391bbb..440bf55a3ad8 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/_security_center.py @@ -19,6 +19,9 @@ from azure.core.pipeline.transport import HttpRequest, HttpResponse from ._configuration import SecurityCenterConfiguration +from .operations import MdeOnboardingsOperations +from .operations import CustomAssessmentAutomationsOperations +from .operations import CustomEntityStoreAssignmentsOperations from .operations import ComplianceResultsOperations from .operations import PricingsOperations from .operations import AdvancedThreatProtectionOperations @@ -64,12 +67,19 @@ from .operations import SettingsOperations from .operations import IngestionSettingsOperations from .operations import SoftwareInventoriesOperations +from .operations import SecurityConnectorsOperations from . import models class SecurityCenter(object): """API spec for Microsoft.Security (Azure Security Center) resource provider. + :ivar mde_onboardings: MdeOnboardingsOperations operations + :vartype mde_onboardings: azure.mgmt.security.operations.MdeOnboardingsOperations + :ivar custom_assessment_automations: CustomAssessmentAutomationsOperations operations + :vartype custom_assessment_automations: azure.mgmt.security.operations.CustomAssessmentAutomationsOperations + :ivar custom_entity_store_assignments: CustomEntityStoreAssignmentsOperations operations + :vartype custom_entity_store_assignments: azure.mgmt.security.operations.CustomEntityStoreAssignmentsOperations :ivar compliance_results: ComplianceResultsOperations operations :vartype compliance_results: azure.mgmt.security.operations.ComplianceResultsOperations :ivar pricings: PricingsOperations operations @@ -160,6 +170,8 @@ class SecurityCenter(object): :vartype ingestion_settings: azure.mgmt.security.operations.IngestionSettingsOperations :ivar software_inventories: SoftwareInventoriesOperations operations :vartype software_inventories: azure.mgmt.security.operations.SoftwareInventoriesOperations + :ivar security_connectors: SecurityConnectorsOperations operations + :vartype security_connectors: azure.mgmt.security.operations.SecurityConnectorsOperations :param credential: Credential needed for the client to connect to Azure. :type credential: ~azure.core.credentials.TokenCredential :param subscription_id: Azure subscription ID. @@ -189,6 +201,12 @@ def __init__( self._serialize.client_side_validation = False self._deserialize = Deserializer(client_models) + self.mde_onboardings = MdeOnboardingsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.custom_assessment_automations = CustomAssessmentAutomationsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.custom_entity_store_assignments = CustomEntityStoreAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize) self.compliance_results = ComplianceResultsOperations( self._client, self._config, self._serialize, self._deserialize) self.pricings = PricingsOperations( @@ -279,6 +297,8 @@ def __init__( self._client, self._config, self._serialize, self._deserialize) self.software_inventories = SoftwareInventoriesOperations( self._client, self._config, self._serialize, self._deserialize) + self.security_connectors = SecurityConnectorsOperations( + self._client, self._config, self._serialize, self._deserialize) def _send_request(self, http_request, **kwargs): # type: (HttpRequest, Any) -> HttpResponse diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/_version.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/_version.py index e32dc6ec4218..e5754a47ce68 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/_version.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/_version.py @@ -6,4 +6,4 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -VERSION = "2.0.0b1" +VERSION = "1.0.0b1" diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/_security_center.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/_security_center.py index b238b910a8bb..5f6f5127871b 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/_security_center.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/_security_center.py @@ -17,6 +17,9 @@ from azure.core.credentials_async import AsyncTokenCredential from ._configuration import SecurityCenterConfiguration +from .operations import MdeOnboardingsOperations +from .operations import CustomAssessmentAutomationsOperations +from .operations import CustomEntityStoreAssignmentsOperations from .operations import ComplianceResultsOperations from .operations import PricingsOperations from .operations import AdvancedThreatProtectionOperations @@ -62,12 +65,19 @@ from .operations import SettingsOperations from .operations import IngestionSettingsOperations from .operations import SoftwareInventoriesOperations +from .operations import SecurityConnectorsOperations from .. import models class SecurityCenter(object): """API spec for Microsoft.Security (Azure Security Center) resource provider. + :ivar mde_onboardings: MdeOnboardingsOperations operations + :vartype mde_onboardings: azure.mgmt.security.aio.operations.MdeOnboardingsOperations + :ivar custom_assessment_automations: CustomAssessmentAutomationsOperations operations + :vartype custom_assessment_automations: azure.mgmt.security.aio.operations.CustomAssessmentAutomationsOperations + :ivar custom_entity_store_assignments: CustomEntityStoreAssignmentsOperations operations + :vartype custom_entity_store_assignments: azure.mgmt.security.aio.operations.CustomEntityStoreAssignmentsOperations :ivar compliance_results: ComplianceResultsOperations operations :vartype compliance_results: azure.mgmt.security.aio.operations.ComplianceResultsOperations :ivar pricings: PricingsOperations operations @@ -158,6 +168,8 @@ class SecurityCenter(object): :vartype ingestion_settings: azure.mgmt.security.aio.operations.IngestionSettingsOperations :ivar software_inventories: SoftwareInventoriesOperations operations :vartype software_inventories: azure.mgmt.security.aio.operations.SoftwareInventoriesOperations + :ivar security_connectors: SecurityConnectorsOperations operations + :vartype security_connectors: azure.mgmt.security.aio.operations.SecurityConnectorsOperations :param credential: Credential needed for the client to connect to Azure. :type credential: ~azure.core.credentials_async.AsyncTokenCredential :param subscription_id: Azure subscription ID. @@ -186,6 +198,12 @@ def __init__( self._serialize.client_side_validation = False self._deserialize = Deserializer(client_models) + self.mde_onboardings = MdeOnboardingsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.custom_assessment_automations = CustomAssessmentAutomationsOperations( + self._client, self._config, self._serialize, self._deserialize) + self.custom_entity_store_assignments = CustomEntityStoreAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize) self.compliance_results = ComplianceResultsOperations( self._client, self._config, self._serialize, self._deserialize) self.pricings = PricingsOperations( @@ -276,6 +294,8 @@ def __init__( self._client, self._config, self._serialize, self._deserialize) self.software_inventories = SoftwareInventoriesOperations( self._client, self._config, self._serialize, self._deserialize) + self.security_connectors = SecurityConnectorsOperations( + self._client, self._config, self._serialize, self._deserialize) async def _send_request(self, http_request: HttpRequest, **kwargs: Any) -> AsyncHttpResponse: """Runs the network request through the client's chained policies. diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/__init__.py index 65df4fa5ef35..e0a22181ca00 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/__init__.py @@ -6,6 +6,9 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- +from ._mde_onboardings_operations import MdeOnboardingsOperations +from ._custom_assessment_automations_operations import CustomAssessmentAutomationsOperations +from ._custom_entity_store_assignments_operations import CustomEntityStoreAssignmentsOperations from ._compliance_results_operations import ComplianceResultsOperations from ._pricings_operations import PricingsOperations from ._advanced_threat_protection_operations import AdvancedThreatProtectionOperations @@ -51,8 +54,12 @@ from ._settings_operations import SettingsOperations from ._ingestion_settings_operations import IngestionSettingsOperations from ._software_inventories_operations import SoftwareInventoriesOperations +from ._security_connectors_operations import SecurityConnectorsOperations __all__ = [ + 'MdeOnboardingsOperations', + 'CustomAssessmentAutomationsOperations', + 'CustomEntityStoreAssignmentsOperations', 'ComplianceResultsOperations', 'PricingsOperations', 'AdvancedThreatProtectionOperations', @@ -98,4 +105,5 @@ 'SettingsOperations', 'IngestionSettingsOperations', 'SoftwareInventoriesOperations', + 'SecurityConnectorsOperations', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_metadata_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_metadata_operations.py index df9555e68ef3..718a664d6cd4 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_metadata_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_metadata_operations.py @@ -44,20 +44,20 @@ def __init__(self, client, config, serializer, deserializer) -> None: def list( self, **kwargs: Any - ) -> AsyncIterable["_models.SecurityAssessmentMetadataList"]: + ) -> AsyncIterable["_models.SecurityAssessmentMetadataResponseList"]: """Get metadata information on all assessment types. :keyword callable cls: A custom type or function that will be passed the direct response - :return: An iterator like instance of either SecurityAssessmentMetadataList or the result of cls(response) - :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataList] + :return: An iterator like instance of either SecurityAssessmentMetadataResponseList or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataResponseList] :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataList"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponseList"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -80,7 +80,7 @@ def prepare_request(next_link=None): return request async def extract_data(pipeline_response): - deserialized = self._deserialize('SecurityAssessmentMetadataList', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponseList', pipeline_response) list_of_elem = deserialized.value if cls: list_of_elem = cls(list_of_elem) @@ -107,22 +107,22 @@ async def get( self, assessment_metadata_name: str, **kwargs: Any - ) -> "_models.SecurityAssessmentMetadata": + ) -> "_models.SecurityAssessmentMetadataResponse": """Get metadata information on an assessment type. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -148,7 +148,7 @@ async def get( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -159,20 +159,20 @@ async def get( def list_by_subscription( self, **kwargs: Any - ) -> AsyncIterable["_models.SecurityAssessmentMetadataList"]: + ) -> AsyncIterable["_models.SecurityAssessmentMetadataResponseList"]: """Get metadata information on all assessment types in a specific subscription. :keyword callable cls: A custom type or function that will be passed the direct response - :return: An iterator like instance of either SecurityAssessmentMetadataList or the result of cls(response) - :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataList] + :return: An iterator like instance of either SecurityAssessmentMetadataResponseList or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataResponseList] :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataList"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponseList"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -199,7 +199,7 @@ def prepare_request(next_link=None): return request async def extract_data(pipeline_response): - deserialized = self._deserialize('SecurityAssessmentMetadataList', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponseList', pipeline_response) list_of_elem = deserialized.value if cls: list_of_elem = cls(list_of_elem) @@ -226,22 +226,22 @@ async def get_in_subscription( self, assessment_metadata_name: str, **kwargs: Any - ) -> "_models.SecurityAssessmentMetadata": + ) -> "_models.SecurityAssessmentMetadataResponse": """Get metadata information on an assessment type in a specific subscription. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -268,7 +268,7 @@ async def get_in_subscription( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -279,26 +279,26 @@ async def get_in_subscription( async def create_in_subscription( self, assessment_metadata_name: str, - assessment_metadata: "_models.SecurityAssessmentMetadata", + assessment_metadata: "_models.SecurityAssessmentMetadataResponse", **kwargs: Any - ) -> "_models.SecurityAssessmentMetadata": + ) -> "_models.SecurityAssessmentMetadataResponse": """Create metadata information on an assessment type in a specific subscription. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :param assessment_metadata: AssessmentMetadata object. - :type assessment_metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :type assessment_metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" content_type = kwargs.pop("content_type", "application/json") accept = "application/json" @@ -320,7 +320,7 @@ async def create_in_subscription( header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') body_content_kwargs = {} # type: Dict[str, Any] - body_content = self._serialize.body(assessment_metadata, 'SecurityAssessmentMetadata') + body_content = self._serialize.body(assessment_metadata, 'SecurityAssessmentMetadataResponse') body_content_kwargs['content'] = body_content request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) @@ -330,7 +330,7 @@ async def create_in_subscription( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -358,7 +358,7 @@ async def delete_in_subscription( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_operations.py index 306648b7d29e..460dce53bce5 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_assessments_operations.py @@ -62,7 +62,7 @@ def list( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -118,7 +118,7 @@ async def get( assessment_name: str, expand: Optional[Union[str, "_models.ExpandEnum"]] = None, **kwargs: Any - ) -> "_models.SecurityAssessment": + ) -> "_models.SecurityAssessmentResponse": """Get a security assessment on your scanned resource. :param resource_id: The identifier of the resource. @@ -128,16 +128,16 @@ async def get( :param expand: OData expand. Optional. :type expand: str or ~azure.mgmt.security.models.ExpandEnum :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessment, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessment + :return: SecurityAssessmentResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessment"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -166,7 +166,7 @@ async def get( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -180,7 +180,7 @@ async def create_or_update( assessment_name: str, assessment: "_models.SecurityAssessment", **kwargs: Any - ) -> "_models.SecurityAssessment": + ) -> "_models.SecurityAssessmentResponse": """Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result. @@ -191,16 +191,16 @@ async def create_or_update( :param assessment: Calculated assessment on a pre-defined assessment metadata. :type assessment: ~azure.mgmt.security.models.SecurityAssessment :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessment, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessment + :return: SecurityAssessmentResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessment"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" content_type = kwargs.pop("content_type", "application/json") accept = "application/json" @@ -233,10 +233,10 @@ async def create_or_update( raise HttpResponseError(response=response, error_format=ARMErrorFormat) if response.status_code == 200: - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if response.status_code == 201: - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -267,7 +267,7 @@ async def delete( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_assessment_automations_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_assessment_automations_operations.py new file mode 100644 index 000000000000..fb8d4a86b68b --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_assessment_automations_operations.py @@ -0,0 +1,377 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Generic, Optional, TypeVar, Union +import warnings + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class CustomAssessmentAutomationsOperations: + """CustomAssessmentAutomationsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + async def get( + self, + resource_group_name: str, + custom_assessment_automation_name: str, + **kwargs: Any + ) -> "_models.CustomAssessmentAutomation": + """Gets a custom assessment automation. + + Gets a single custom assessment automation by name for the provided subscription and resource + group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomAssessmentAutomation, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomAssessmentAutomation + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomation"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + async def create( + self, + resource_group_name: str, + custom_assessment_automation_name: str, + custom_assessment_automation_body: "_models.CustomAssessmentAutomationRequest", + **kwargs: Any + ) -> "_models.CustomAssessmentAutomation": + """Creates a custom assessment automation. + + Creates or updates a custom assessment automation for the provided subscription. Please note + that providing an existing custom assessment automation will replace the existing record. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :param custom_assessment_automation_body: Custom Assessment Automation body. + :type custom_assessment_automation_body: ~azure.mgmt.security.models.CustomAssessmentAutomationRequest + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomAssessmentAutomation, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomAssessmentAutomation + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomation"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(custom_assessment_automation_body, 'CustomAssessmentAutomationRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + async def delete( + self, + resource_group_name: str, + custom_assessment_automation_name: str, + **kwargs: Any + ) -> None: + """Deletes a custom assessment automation. + + Deletes a custom assessment automation by name for a provided subscription. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name: str, + **kwargs: Any + ) -> AsyncIterable["_models.CustomAssessmentAutomationsListResult"]: + """List custom assessment automations in a subscription and a resource group. + + List custom assessment automations by provided subscription and resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomAssessmentAutomationsListResult or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.CustomAssessmentAutomationsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomationsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('CustomAssessmentAutomationsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations'} # type: ignore + + def list_by_subscription( + self, + **kwargs: Any + ) -> AsyncIterable["_models.CustomAssessmentAutomationsListResult"]: + """List custom assessment automations in a subscription. + + List custom assessment automations by provided subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomAssessmentAutomationsListResult or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.CustomAssessmentAutomationsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomationsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_subscription.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('CustomAssessmentAutomationsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list_by_subscription.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/customAssessmentAutomations'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_entity_store_assignments_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_entity_store_assignments_operations.py new file mode 100644 index 000000000000..9acb28ad4558 --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_custom_entity_store_assignments_operations.py @@ -0,0 +1,379 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Generic, Optional, TypeVar, Union +import warnings + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class CustomEntityStoreAssignmentsOperations: + """CustomEntityStoreAssignmentsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + async def get( + self, + resource_group_name: str, + custom_entity_store_assignment_name: str, + **kwargs: Any + ) -> "_models.CustomEntityStoreAssignment": + """Gets a custom entity store assignment. + + Gets a single custom entity store assignment by name for the provided subscription and resource + group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomEntityStoreAssignment, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomEntityStoreAssignment + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignment"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + async def create( + self, + resource_group_name: str, + custom_entity_store_assignment_name: str, + custom_entity_store_assignment_request_body: "_models.CustomEntityStoreAssignmentRequest", + **kwargs: Any + ) -> "_models.CustomEntityStoreAssignment": + """Creates a custom entity store assignment. + + Creates a custom entity store assignment for the provided subscription, if not already exists. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :param custom_entity_store_assignment_request_body: Custom entity store assignment body. + :type custom_entity_store_assignment_request_body: ~azure.mgmt.security.models.CustomEntityStoreAssignmentRequest + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomEntityStoreAssignment, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomEntityStoreAssignment + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignment"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(custom_entity_store_assignment_request_body, 'CustomEntityStoreAssignmentRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + async def delete( + self, + resource_group_name: str, + custom_entity_store_assignment_name: str, + **kwargs: Any + ) -> None: + """Deleted a custom entity store assignment. + + Delete a custom entity store assignment by name for a provided subscription. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name: str, + **kwargs: Any + ) -> AsyncIterable["_models.CustomEntityStoreAssignmentsListResult"]: + """List custom entity store assignments in a subscription and a resource group. + + List custom entity store assignments by a provided subscription and resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomEntityStoreAssignmentsListResult or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.CustomEntityStoreAssignmentsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignmentsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('CustomEntityStoreAssignmentsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments'} # type: ignore + + def list_by_subscription( + self, + **kwargs: Any + ) -> AsyncIterable["_models.CustomEntityStoreAssignmentsListResult"]: + """List custom entity store assignments in a subscription. + + List custom entity store assignments by provided subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomEntityStoreAssignmentsListResult or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.CustomEntityStoreAssignmentsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignmentsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_subscription.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('CustomEntityStoreAssignmentsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list_by_subscription.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/customEntityStoreAssignments'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_information_protection_policies_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_information_protection_policies_operations.py index 821084dba221..4d6ebdd00891 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_information_protection_policies_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_information_protection_policies_operations.py @@ -44,7 +44,7 @@ def __init__(self, client, config, serializer, deserializer) -> None: async def get( self, scope: str, - information_protection_policy_name: Union[str, "_models.Enum15"], + information_protection_policy_name: Union[str, "_models.Enum19"], **kwargs: Any ) -> "_models.InformationProtectionPolicy": """Details of the information protection policy. @@ -54,7 +54,7 @@ async def get( (/providers/Microsoft.Management/managementGroups/mgName). :type scope: str :param information_protection_policy_name: Name of the information protection policy. - :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum15 + :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum19 :keyword callable cls: A custom type or function that will be passed the direct response :return: InformationProtectionPolicy, or the result of cls(response) :rtype: ~azure.mgmt.security.models.InformationProtectionPolicy @@ -103,7 +103,7 @@ async def get( async def create_or_update( self, scope: str, - information_protection_policy_name: Union[str, "_models.Enum15"], + information_protection_policy_name: Union[str, "_models.Enum19"], information_protection_policy: "_models.InformationProtectionPolicy", **kwargs: Any ) -> "_models.InformationProtectionPolicy": @@ -114,7 +114,7 @@ async def create_or_update( (/providers/Microsoft.Management/managementGroups/mgName). :type scope: str :param information_protection_policy_name: Name of the information protection policy. - :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum15 + :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum19 :param information_protection_policy: Information protection policy. :type information_protection_policy: ~azure.mgmt.security.models.InformationProtectionPolicy :keyword callable cls: A custom type or function that will be passed the direct response diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_mde_onboardings_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_mde_onboardings_operations.py new file mode 100644 index 000000000000..6128cdc58bf6 --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_mde_onboardings_operations.py @@ -0,0 +1,141 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Generic, Optional, TypeVar +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class MdeOnboardingsOperations: + """MdeOnboardingsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + async def list( + self, + **kwargs: Any + ) -> "_models.MdeOnboardingDataList": + """The configuration or data needed to onboard the machine to MDE. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: MdeOnboardingDataList, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.MdeOnboardingDataList + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.MdeOnboardingDataList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-10-01-preview" + accept = "application/json" + + # Construct URL + url = self.list.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('MdeOnboardingDataList', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings'} # type: ignore + + async def get( + self, + **kwargs: Any + ) -> "_models.MdeOnboardingData": + """The default configuration or data needed to onboard the machine to MDE. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: MdeOnboardingData, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.MdeOnboardingData + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.MdeOnboardingData"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-10-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('MdeOnboardingData', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings/default'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_security_connectors_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_security_connectors_operations.py new file mode 100644 index 000000000000..c70d704f061a --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_security_connectors_operations.py @@ -0,0 +1,435 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Generic, Optional, TypeVar, Union +import warnings + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse, HttpRequest +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models + +T = TypeVar('T') +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + +class SecurityConnectorsOperations: + """SecurityConnectorsOperations async operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer) -> None: + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def list( + self, + **kwargs: Any + ) -> AsyncIterable["_models.SecurityConnectorsList"]: + """Lists all the security connectors in the specified subscription. Use the 'nextLink' property in + the response to get the next page of security connectors for the specified subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either SecurityConnectorsList or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityConnectorsList] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnectorsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('SecurityConnectorsList', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name: str, + **kwargs: Any + ) -> AsyncIterable["_models.SecurityConnectorsList"]: + """Lists all the security connectors in the specified resource group. Use the 'nextLink' property + in the response to get the next page of security connectors for the specified resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either SecurityConnectorsList or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.security.models.SecurityConnectorsList] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnectorsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize('SecurityConnectorsList', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors'} # type: ignore + + async def get( + self, + resource_group_name: str, + security_connector_name: str, + **kwargs: Any + ) -> "_models.SecurityConnector": + """Retrieves details of a specific security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + async def create_or_update( + self, + resource_group_name: str, + security_connector_name: str, + security_connector: "_models.SecurityConnector", + **kwargs: Any + ) -> "_models.SecurityConnector": + """Creates or updates a security connector. If a security connector is already created and a + subsequent request is issued for the same security connector id, then it will be updated. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :param security_connector: The security connector resource. + :type security_connector: ~azure.mgmt.security.models.SecurityConnector + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create_or_update.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(security_connector, 'SecurityConnector') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + async def update( + self, + resource_group_name: str, + security_connector_name: str, + security_connector: "_models.SecurityConnector", + **kwargs: Any + ) -> "_models.SecurityConnector": + """Updates a security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :param security_connector: The security connector resource. + :type security_connector: ~azure.mgmt.security.models.SecurityConnector + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.update.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(security_connector, 'SecurityConnector') + body_content_kwargs['content'] = body_content + request = self._client.patch(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + async def delete( + self, + resource_group_name: str, + security_connector_name: str, + **kwargs: Any + ) -> None: + """Deletes a security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = await self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_settings_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_settings_operations.py index bd641d4d7e72..276b64e641e9 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_settings_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_settings_operations.py @@ -109,13 +109,13 @@ async def get_next(next_link=None): async def get( self, - setting_name: Union[str, "_models.Enum69"], + setting_name: Union[str, "_models.Enum75"], **kwargs: Any ) -> "_models.Setting": """Settings of different configurations in security center. :param setting_name: The name of the setting. - :type setting_name: str or ~azure.mgmt.security.models.Enum69 + :type setting_name: str or ~azure.mgmt.security.models.Enum75 :keyword callable cls: A custom type or function that will be passed the direct response :return: Setting, or the result of cls(response) :rtype: ~azure.mgmt.security.models.Setting @@ -163,14 +163,14 @@ async def get( async def update( self, - setting_name: Union[str, "_models.Enum69"], + setting_name: Union[str, "_models.Enum75"], setting: "_models.Setting", **kwargs: Any ) -> "_models.Setting": """updating settings about different configurations in security center. :param setting_name: The name of the setting. - :type setting_name: str or ~azure.mgmt.security.models.Enum69 + :type setting_name: str or ~azure.mgmt.security.models.Enum75 :param setting: Setting object. :type setting: ~azure.mgmt.security.models.Setting :keyword callable cls: A custom type or function that will be passed the direct response diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_tasks_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_tasks_operations.py index db7bbd5d59af..ec424a645486 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_tasks_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/aio/operations/_tasks_operations.py @@ -242,7 +242,7 @@ async def get_subscription_level_task( async def update_subscription_level_task_state( self, task_name: str, - task_update_action_type: Union[str, "_models.Enum13"], + task_update_action_type: Union[str, "_models.Enum17"], **kwargs: Any ) -> None: """Recommended tasks that will help improve the security of the subscription proactively. @@ -250,7 +250,7 @@ async def update_subscription_level_task_state( :param task_name: Name of the task object, will be a GUID. :type task_name: str :param task_update_action_type: Type of the action to do on the task. - :type task_update_action_type: str or ~azure.mgmt.security.models.Enum13 + :type task_update_action_type: str or ~azure.mgmt.security.models.Enum17 :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None @@ -436,7 +436,7 @@ async def update_resource_group_level_task_state( self, resource_group_name: str, task_name: str, - task_update_action_type: Union[str, "_models.Enum13"], + task_update_action_type: Union[str, "_models.Enum17"], **kwargs: Any ) -> None: """Recommended tasks that will help improve the security of the subscription proactively. @@ -447,7 +447,7 @@ async def update_resource_group_level_task_state( :param task_name: Name of the task object, will be a GUID. :type task_name: str :param task_update_action_type: Type of the action to do on the task. - :type task_update_action_type: str or ~azure.mgmt.security.models.Enum13 + :type task_update_action_type: str or ~azure.mgmt.security.models.Enum17 :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py index f841b789d1e3..0a4c83b8ce61 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/__init__.py @@ -39,6 +39,7 @@ from ._models_py3 import AscLocationList from ._models_py3 import AssessmentLinks from ._models_py3 import AssessmentStatus + from ._models_py3 import AssessmentStatusResponse from ._models_py3 import AtaExternalSecuritySolution from ._models_py3 import AtaSolutionProperties from ._models_py3 import AuthenticationDetailsProperties @@ -69,6 +70,7 @@ from ._models_py3 import CefExternalSecuritySolution from ._models_py3 import CefSolutionProperties from ._models_py3 import CloudErrorBody + from ._models_py3 import CloudOffering from ._models_py3 import Compliance from ._models_py3 import ComplianceList from ._models_py3 import ComplianceResult @@ -83,8 +85,25 @@ from ._models_py3 import ConnectorSetting from ._models_py3 import ConnectorSettingList from ._models_py3 import ContainerRegistryVulnerabilityProperties + from ._models_py3 import CspmMonitorAwsOffering + from ._models_py3 import CspmMonitorAwsOfferingNativeCloudConnection from ._models_py3 import CustomAlertRule + from ._models_py3 import CustomAssessmentAutomation + from ._models_py3 import CustomAssessmentAutomationRequest + from ._models_py3 import CustomAssessmentAutomationsListResult + from ._models_py3 import CustomEntityStoreAssignment + from ._models_py3 import CustomEntityStoreAssignmentRequest + from ._models_py3 import CustomEntityStoreAssignmentsListResult from ._models_py3 import DataExportSettings + from ._models_py3 import DefenderForContainersAwsOffering + from ._models_py3 import DefenderForContainersAwsOfferingCloudWatchToKinesis + from ._models_py3 import DefenderForContainersAwsOfferingKinesisToS3 + from ._models_py3 import DefenderForContainersAwsOfferingKubernetesScubaReader + from ._models_py3 import DefenderForContainersAwsOfferingKubernetesService + from ._models_py3 import DefenderForServersAwsOffering + from ._models_py3 import DefenderForServersAwsOfferingArcAutoProvisioning + from ._models_py3 import DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata + from ._models_py3 import DefenderForServersAwsOfferingDefenderForServers from ._models_py3 import DenylistCustomAlertRule from ._models_py3 import DeviceSecurityGroup from ._models_py3 import DeviceSecurityGroupList @@ -142,6 +161,8 @@ from ._models_py3 import LocalUserNotAllowed from ._models_py3 import Location from ._models_py3 import LogAnalyticsIdentifier + from ._models_py3 import MdeOnboardingData + from ._models_py3 import MdeOnboardingDataList from ._models_py3 import MqttC2DMessagesNotInAllowedRange from ._models_py3 import MqttC2DRejectedMessagesNotInAllowedRange from ._models_py3 import MqttD2CMessagesNotInAllowedRange @@ -194,10 +215,20 @@ from ._models_py3 import SecurityAssessment from ._models_py3 import SecurityAssessmentList from ._models_py3 import SecurityAssessmentMetadata - from ._models_py3 import SecurityAssessmentMetadataList from ._models_py3 import SecurityAssessmentMetadataPartnerData from ._models_py3 import SecurityAssessmentMetadataProperties + from ._models_py3 import SecurityAssessmentMetadataPropertiesResponse + from ._models_py3 import SecurityAssessmentMetadataPropertiesResponsePublishDates + from ._models_py3 import SecurityAssessmentMetadataResponse + from ._models_py3 import SecurityAssessmentMetadataResponseList from ._models_py3 import SecurityAssessmentPartnerData + from ._models_py3 import SecurityAssessmentProperties + from ._models_py3 import SecurityAssessmentPropertiesBase + from ._models_py3 import SecurityAssessmentPropertiesResponse + from ._models_py3 import SecurityAssessmentResponse + from ._models_py3 import SecurityConnector + from ._models_py3 import SecurityConnectorPropertiesOrganizationalData + from ._models_py3 import SecurityConnectorsList from ._models_py3 import SecurityContact from ._models_py3 import SecurityContactList from ._models_py3 import SecuritySolution @@ -275,6 +306,7 @@ from ._models import AscLocationList # type: ignore from ._models import AssessmentLinks # type: ignore from ._models import AssessmentStatus # type: ignore + from ._models import AssessmentStatusResponse # type: ignore from ._models import AtaExternalSecuritySolution # type: ignore from ._models import AtaSolutionProperties # type: ignore from ._models import AuthenticationDetailsProperties # type: ignore @@ -305,6 +337,7 @@ from ._models import CefExternalSecuritySolution # type: ignore from ._models import CefSolutionProperties # type: ignore from ._models import CloudErrorBody # type: ignore + from ._models import CloudOffering # type: ignore from ._models import Compliance # type: ignore from ._models import ComplianceList # type: ignore from ._models import ComplianceResult # type: ignore @@ -319,8 +352,25 @@ from ._models import ConnectorSetting # type: ignore from ._models import ConnectorSettingList # type: ignore from ._models import ContainerRegistryVulnerabilityProperties # type: ignore + from ._models import CspmMonitorAwsOffering # type: ignore + from ._models import CspmMonitorAwsOfferingNativeCloudConnection # type: ignore from ._models import CustomAlertRule # type: ignore + from ._models import CustomAssessmentAutomation # type: ignore + from ._models import CustomAssessmentAutomationRequest # type: ignore + from ._models import CustomAssessmentAutomationsListResult # type: ignore + from ._models import CustomEntityStoreAssignment # type: ignore + from ._models import CustomEntityStoreAssignmentRequest # type: ignore + from ._models import CustomEntityStoreAssignmentsListResult # type: ignore from ._models import DataExportSettings # type: ignore + from ._models import DefenderForContainersAwsOffering # type: ignore + from ._models import DefenderForContainersAwsOfferingCloudWatchToKinesis # type: ignore + from ._models import DefenderForContainersAwsOfferingKinesisToS3 # type: ignore + from ._models import DefenderForContainersAwsOfferingKubernetesScubaReader # type: ignore + from ._models import DefenderForContainersAwsOfferingKubernetesService # type: ignore + from ._models import DefenderForServersAwsOffering # type: ignore + from ._models import DefenderForServersAwsOfferingArcAutoProvisioning # type: ignore + from ._models import DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata # type: ignore + from ._models import DefenderForServersAwsOfferingDefenderForServers # type: ignore from ._models import DenylistCustomAlertRule # type: ignore from ._models import DeviceSecurityGroup # type: ignore from ._models import DeviceSecurityGroupList # type: ignore @@ -378,6 +428,8 @@ from ._models import LocalUserNotAllowed # type: ignore from ._models import Location # type: ignore from ._models import LogAnalyticsIdentifier # type: ignore + from ._models import MdeOnboardingData # type: ignore + from ._models import MdeOnboardingDataList # type: ignore from ._models import MqttC2DMessagesNotInAllowedRange # type: ignore from ._models import MqttC2DRejectedMessagesNotInAllowedRange # type: ignore from ._models import MqttD2CMessagesNotInAllowedRange # type: ignore @@ -430,10 +482,20 @@ from ._models import SecurityAssessment # type: ignore from ._models import SecurityAssessmentList # type: ignore from ._models import SecurityAssessmentMetadata # type: ignore - from ._models import SecurityAssessmentMetadataList # type: ignore from ._models import SecurityAssessmentMetadataPartnerData # type: ignore from ._models import SecurityAssessmentMetadataProperties # type: ignore + from ._models import SecurityAssessmentMetadataPropertiesResponse # type: ignore + from ._models import SecurityAssessmentMetadataPropertiesResponsePublishDates # type: ignore + from ._models import SecurityAssessmentMetadataResponse # type: ignore + from ._models import SecurityAssessmentMetadataResponseList # type: ignore from ._models import SecurityAssessmentPartnerData # type: ignore + from ._models import SecurityAssessmentProperties # type: ignore + from ._models import SecurityAssessmentPropertiesBase # type: ignore + from ._models import SecurityAssessmentPropertiesResponse # type: ignore + from ._models import SecurityAssessmentResponse # type: ignore + from ._models import SecurityConnector # type: ignore + from ._models import SecurityConnectorPropertiesOrganizationalData # type: ignore + from ._models import SecurityConnectorsList # type: ignore from ._models import SecurityContact # type: ignore from ._models import SecurityContactList # type: ignore from ._models import SecuritySolution # type: ignore @@ -497,6 +559,7 @@ AutoProvision, BundleType, Categories, + CloudName, ConfigurationStatus, ConnectionType, ControlType, @@ -506,9 +569,9 @@ EndOfSupportStatus, EnforcementMode, EnforcementSupport, - Enum13, - Enum15, - Enum69, + Enum17, + Enum19, + Enum75, EventSource, ExpandControlsEnum, ExpandEnum, @@ -517,9 +580,12 @@ FileType, HybridComputeProvisioningState, ImplementationEffort, + ImplementationEffortEnum, Intent, KindEnum, + OfferingType, Operator, + OrganizationMembershipType, PermissionProperty, PricingTier, PropertyType, @@ -544,16 +610,21 @@ ServerVulnerabilityAssessmentPropertiesProvisioningState, SettingKind, Severity, + SeverityEnum, Source, SourceSystem, State, Status, StatusReason, SubAssessmentStatusCode, + SupportedCloudEnum, + Tactics, + Techniques, Threats, TransportProtocol, UnmaskedIpLoggingStatus, UserImpact, + UserImpactEnum, ValueType, ) @@ -590,6 +661,7 @@ 'AscLocationList', 'AssessmentLinks', 'AssessmentStatus', + 'AssessmentStatusResponse', 'AtaExternalSecuritySolution', 'AtaSolutionProperties', 'AuthenticationDetailsProperties', @@ -620,6 +692,7 @@ 'CefExternalSecuritySolution', 'CefSolutionProperties', 'CloudErrorBody', + 'CloudOffering', 'Compliance', 'ComplianceList', 'ComplianceResult', @@ -634,8 +707,25 @@ 'ConnectorSetting', 'ConnectorSettingList', 'ContainerRegistryVulnerabilityProperties', + 'CspmMonitorAwsOffering', + 'CspmMonitorAwsOfferingNativeCloudConnection', 'CustomAlertRule', + 'CustomAssessmentAutomation', + 'CustomAssessmentAutomationRequest', + 'CustomAssessmentAutomationsListResult', + 'CustomEntityStoreAssignment', + 'CustomEntityStoreAssignmentRequest', + 'CustomEntityStoreAssignmentsListResult', 'DataExportSettings', + 'DefenderForContainersAwsOffering', + 'DefenderForContainersAwsOfferingCloudWatchToKinesis', + 'DefenderForContainersAwsOfferingKinesisToS3', + 'DefenderForContainersAwsOfferingKubernetesScubaReader', + 'DefenderForContainersAwsOfferingKubernetesService', + 'DefenderForServersAwsOffering', + 'DefenderForServersAwsOfferingArcAutoProvisioning', + 'DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata', + 'DefenderForServersAwsOfferingDefenderForServers', 'DenylistCustomAlertRule', 'DeviceSecurityGroup', 'DeviceSecurityGroupList', @@ -693,6 +783,8 @@ 'LocalUserNotAllowed', 'Location', 'LogAnalyticsIdentifier', + 'MdeOnboardingData', + 'MdeOnboardingDataList', 'MqttC2DMessagesNotInAllowedRange', 'MqttC2DRejectedMessagesNotInAllowedRange', 'MqttD2CMessagesNotInAllowedRange', @@ -745,10 +837,20 @@ 'SecurityAssessment', 'SecurityAssessmentList', 'SecurityAssessmentMetadata', - 'SecurityAssessmentMetadataList', 'SecurityAssessmentMetadataPartnerData', 'SecurityAssessmentMetadataProperties', + 'SecurityAssessmentMetadataPropertiesResponse', + 'SecurityAssessmentMetadataPropertiesResponsePublishDates', + 'SecurityAssessmentMetadataResponse', + 'SecurityAssessmentMetadataResponseList', 'SecurityAssessmentPartnerData', + 'SecurityAssessmentProperties', + 'SecurityAssessmentPropertiesBase', + 'SecurityAssessmentPropertiesResponse', + 'SecurityAssessmentResponse', + 'SecurityConnector', + 'SecurityConnectorPropertiesOrganizationalData', + 'SecurityConnectorsList', 'SecurityContact', 'SecurityContactList', 'SecuritySolution', @@ -810,6 +912,7 @@ 'AutoProvision', 'BundleType', 'Categories', + 'CloudName', 'ConfigurationStatus', 'ConnectionType', 'ControlType', @@ -819,9 +922,9 @@ 'EndOfSupportStatus', 'EnforcementMode', 'EnforcementSupport', - 'Enum13', - 'Enum15', - 'Enum69', + 'Enum17', + 'Enum19', + 'Enum75', 'EventSource', 'ExpandControlsEnum', 'ExpandEnum', @@ -830,9 +933,12 @@ 'FileType', 'HybridComputeProvisioningState', 'ImplementationEffort', + 'ImplementationEffortEnum', 'Intent', 'KindEnum', + 'OfferingType', 'Operator', + 'OrganizationMembershipType', 'PermissionProperty', 'PricingTier', 'PropertyType', @@ -857,15 +963,20 @@ 'ServerVulnerabilityAssessmentPropertiesProvisioningState', 'SettingKind', 'Severity', + 'SeverityEnum', 'Source', 'SourceSystem', 'State', 'Status', 'StatusReason', 'SubAssessmentStatusCode', + 'SupportedCloudEnum', + 'Tactics', + 'Techniques', 'Threats', 'TransportProtocol', 'UnmaskedIpLoggingStatus', 'UserImpact', + 'UserImpactEnum', 'ValueType', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py index 13b2d159b9d3..0c577b687412 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models.py @@ -1784,6 +1784,51 @@ def __init__( self.description = kwargs.get('description', None) +class AssessmentStatusResponse(AssessmentStatus): + """The result of the assessment. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param code: Required. Programmatic code for the status of the assessment. Possible values + include: "Healthy", "Unhealthy", "NotApplicable". + :type code: str or ~azure.mgmt.security.models.AssessmentStatusCode + :param cause: Programmatic code for the cause of the assessment status. + :type cause: str + :param description: Human readable description of the assessment status. + :type description: str + :ivar first_evaluation_date: The time that the assessment was created and first evaluated. + Returned as UTC time in ISO 8601 format. + :vartype first_evaluation_date: ~datetime.datetime + :ivar status_change_date: The time that the status of the assessment last changed. Returned as + UTC time in ISO 8601 format. + :vartype status_change_date: ~datetime.datetime + """ + + _validation = { + 'code': {'required': True}, + 'first_evaluation_date': {'readonly': True}, + 'status_change_date': {'readonly': True}, + } + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'cause': {'key': 'cause', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'first_evaluation_date': {'key': 'firstEvaluationDate', 'type': 'iso-8601'}, + 'status_change_date': {'key': 'statusChangeDate', 'type': 'iso-8601'}, + } + + def __init__( + self, + **kwargs + ): + super(AssessmentStatusResponse, self).__init__(**kwargs) + self.first_evaluation_date = None + self.status_change_date = None + + class AtaExternalSecuritySolution(ExternalSecuritySolution): """Represents an ATA security solution which sends logs to an OMS workspace. @@ -2349,9 +2394,9 @@ class AutomationSource(msrest.serialization.Model): """The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas. :param event_source: A valid event source type. Possible values include: "Assessments", - "SubAssessments", "Alerts", "SecureScores", "SecureScoresSnapshot", "SecureScoreControls", - "SecureScoreControlsSnapshot", "RegulatoryComplianceAssessment", - "RegulatoryComplianceAssessmentSnapshot". + "AssessmentsSnapshot", "SubAssessments", "SubAssessmentsSnapshot", "Alerts", "SecureScores", + "SecureScoresSnapshot", "SecureScoreControls", "SecureScoreControlsSnapshot", + "RegulatoryComplianceAssessment", "RegulatoryComplianceAssessmentSnapshot". :type event_source: str or ~azure.mgmt.security.models.EventSource :param rule_sets: A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or'). @@ -2974,6 +3019,46 @@ def __init__( self.additional_info = None +class CloudOffering(msrest.serialization.Model): + """The security offering details. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CspmMonitorAwsOffering, DefenderForContainersAwsOffering, DefenderForServersAwsOffering. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + """ + + _validation = { + 'offering_type': {'required': True}, + 'description': {'readonly': True}, + } + + _attribute_map = { + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + } + + _subtype_map = { + 'offering_type': {'CspmMonitorAws': 'CspmMonitorAwsOffering', 'DefenderForContainersAws': 'DefenderForContainersAwsOffering', 'DefenderForServersAWS': 'DefenderForServersAwsOffering'} + } + + def __init__( + self, + **kwargs + ): + super(CloudOffering, self).__init__(**kwargs) + self.offering_type = None # type: Optional[str] + self.description = None + + class Compliance(Resource): """Compliance of a scope. @@ -3508,157 +3593,238 @@ def __init__( self.image_digest = None -class CVE(msrest.serialization.Model): - """CVE details. +class CspmMonitorAwsOffering(CloudOffering): + """The CSPM monitoring for AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. - :ivar title: CVE title. - :vartype title: str - :ivar link: Link url. - :vartype link: str + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + :param native_cloud_connection: The native cloud connection configuration. + :type native_cloud_connection: + ~azure.mgmt.security.models.CspmMonitorAwsOfferingNativeCloudConnection """ _validation = { - 'title': {'readonly': True}, - 'link': {'readonly': True}, + 'offering_type': {'required': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'title': {'key': 'title', 'type': 'str'}, - 'link': {'key': 'link', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'native_cloud_connection': {'key': 'nativeCloudConnection', 'type': 'CspmMonitorAwsOfferingNativeCloudConnection'}, } def __init__( self, **kwargs ): - super(CVE, self).__init__(**kwargs) - self.title = None - self.link = None + super(CspmMonitorAwsOffering, self).__init__(**kwargs) + self.offering_type = 'CspmMonitorAws' # type: str + self.native_cloud_connection = kwargs.get('native_cloud_connection', None) -class CVSS(msrest.serialization.Model): - """CVSS details. +class CspmMonitorAwsOfferingNativeCloudConnection(msrest.serialization.Model): + """The native cloud connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(CspmMonitorAwsOfferingNativeCloudConnection, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) + + +class CustomAssessmentAutomation(Resource): + """Custom Assessment Automation. Variables are only populated by the server, and will be ignored when sending a request. - :ivar base: CVSS base. - :vartype base: float + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param compressed_query: GZip encoded KQL query representing the assessment automation results + required. + :type compressed_query: str + :param supported_cloud: Relevant cloud for the custom assessment automation. Possible values + include: "AWS". + :type supported_cloud: str or ~azure.mgmt.security.models.SupportedCloudEnum + :param severity: The severity to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Medium", "Low". + :type severity: str or ~azure.mgmt.security.models.SeverityEnum + :param user_impact: The user impact to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Moderate", "Low". + :type user_impact: str or ~azure.mgmt.security.models.UserImpactEnum + :param implementation_effort: The implementation effort to relate to the assessments generated + by this assessment automation. Possible values include: "High", "Moderate", "Low". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffortEnum + :param description: The description to relate to the assessments generated by this assessment + automation. + :type description: str + :param remediation_description: The remediation description to relate to the assessments + generated by this assessment automation. + :type remediation_description: str + :param assessment_key: The assessment metadata key used when an assessment is generated for + this assessment automation. + :type assessment_key: str """ _validation = { - 'base': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { - 'base': {'key': 'base', 'type': 'float'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'compressed_query': {'key': 'properties.compressedQuery', 'type': 'str'}, + 'supported_cloud': {'key': 'properties.supportedCloud', 'type': 'str'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'assessment_key': {'key': 'properties.assessmentKey', 'type': 'str'}, } def __init__( self, **kwargs ): - super(CVSS, self).__init__(**kwargs) - self.base = None + super(CustomAssessmentAutomation, self).__init__(**kwargs) + self.system_data = None + self.compressed_query = kwargs.get('compressed_query', None) + self.supported_cloud = kwargs.get('supported_cloud', "AWS") + self.severity = kwargs.get('severity', "Low") + self.user_impact = kwargs.get('user_impact', "Low") + self.implementation_effort = kwargs.get('implementation_effort', "Low") + self.description = kwargs.get('description', None) + self.remediation_description = kwargs.get('remediation_description', None) + self.assessment_key = kwargs.get('assessment_key', None) -class DataExportSettings(Setting): - """Represents a data export setting. +class CustomAssessmentAutomationRequest(Resource): + """Custom Assessment Automation request. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param kind: Required. the kind of the settings string.Constant filled by server. Possible - values include: "DataExportSettings", "AlertSuppressionSetting", "AlertSyncSettings". - :type kind: str or ~azure.mgmt.security.models.SettingKind - :param enabled: Is the data export setting enabled. - :type enabled: bool + :param compressed_query: Base 64 encoded KQL query representing the assessment automation + results required. + :type compressed_query: str + :param supported_cloud: Relevant cloud for the custom assessment automation. Possible values + include: "AWS". + :type supported_cloud: str or ~azure.mgmt.security.models.SupportedCloudEnum + :param severity: The severity to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Medium", "Low". + :type severity: str or ~azure.mgmt.security.models.SeverityEnum + :param user_impact: The user impact to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Moderate", "Low". + :type user_impact: str or ~azure.mgmt.security.models.UserImpactEnum + :param implementation_effort: The implementation effort to relate to the assessments generated + by this assessment automation. Possible values include: "High", "Moderate", "Low". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffortEnum + :param description: The description to relate to the assessments generated by this assessment + automation. + :type description: str + :param remediation_description: The remediation description to relate to the assessments + generated by this assessment automation. + :type remediation_description: str """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'kind': {'required': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'kind': {'key': 'kind', 'type': 'str'}, - 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'compressed_query': {'key': 'properties.compressedQuery', 'type': 'str'}, + 'supported_cloud': {'key': 'properties.supportedCloud', 'type': 'str'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, } def __init__( self, **kwargs ): - super(DataExportSettings, self).__init__(**kwargs) - self.kind = 'DataExportSettings' # type: str - self.enabled = kwargs.get('enabled', None) + super(CustomAssessmentAutomationRequest, self).__init__(**kwargs) + self.compressed_query = kwargs.get('compressed_query', None) + self.supported_cloud = kwargs.get('supported_cloud', "AWS") + self.severity = kwargs.get('severity', "Low") + self.user_impact = kwargs.get('user_impact', "Low") + self.implementation_effort = kwargs.get('implementation_effort', "Low") + self.description = kwargs.get('description', None) + self.remediation_description = kwargs.get('remediation_description', None) -class DenylistCustomAlertRule(ListCustomAlertRule): - """A custom alert rule that checks if a value (depends on the custom alert type) is denied. +class CustomAssessmentAutomationsListResult(msrest.serialization.Model): + """A list of Custom Assessment Automations. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", - "String". - :vartype value_type: str or ~azure.mgmt.security.models.ValueType - :param denylist_values: Required. The values to deny. The format of the values depends on the - rule type. - :type denylist_values: list[str] + :ivar value: Collection of Custom Assessment Automations. + :vartype value: list[~azure.mgmt.security.models.CustomAssessmentAutomation] + :param next_link: The link used to get the next page of operations. + :type next_link: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'value_type': {'readonly': True}, - 'denylist_values': {'required': True}, + 'value': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'value_type': {'key': 'valueType', 'type': 'str'}, - 'denylist_values': {'key': 'denylistValues', 'type': '[str]'}, + 'value': {'key': 'value', 'type': '[CustomAssessmentAutomation]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(DenylistCustomAlertRule, self).__init__(**kwargs) - self.rule_type = 'DenylistCustomAlertRule' # type: str - self.denylist_values = kwargs['denylist_values'] + super(CustomAssessmentAutomationsListResult, self).__init__(**kwargs) + self.value = None + self.next_link = kwargs.get('next_link', None) -class DeviceSecurityGroup(Resource): - """The device security group resource. +class CustomEntityStoreAssignment(Resource): + """Custom entity store assignment. Variables are only populated by the server, and will be ignored when sending a request. @@ -3668,60 +3834,79 @@ class DeviceSecurityGroup(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param threshold_rules: The list of custom alert threshold rules. - :type threshold_rules: list[~azure.mgmt.security.models.ThresholdCustomAlertRule] - :param time_window_rules: The list of custom alert time-window rules. - :type time_window_rules: list[~azure.mgmt.security.models.TimeWindowCustomAlertRule] - :param allowlist_rules: The allow-list custom alert rules. - :type allowlist_rules: list[~azure.mgmt.security.models.AllowlistCustomAlertRule] - :param denylist_rules: The deny-list custom alert rules. - :type denylist_rules: list[~azure.mgmt.security.models.DenylistCustomAlertRule] + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param principal: The principal assigned with entity store. Format of principal is: [AAD + type]=[PrincipalObjectId];[TenantId]. + :type principal: str + :param entity_store_database_link: The link to entity store database. + :type entity_store_database_link: str """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'threshold_rules': {'key': 'properties.thresholdRules', 'type': '[ThresholdCustomAlertRule]'}, - 'time_window_rules': {'key': 'properties.timeWindowRules', 'type': '[TimeWindowCustomAlertRule]'}, - 'allowlist_rules': {'key': 'properties.allowlistRules', 'type': '[AllowlistCustomAlertRule]'}, - 'denylist_rules': {'key': 'properties.denylistRules', 'type': '[DenylistCustomAlertRule]'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'principal': {'key': 'properties.principal', 'type': 'str'}, + 'entity_store_database_link': {'key': 'properties.entityStoreDatabaseLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(DeviceSecurityGroup, self).__init__(**kwargs) - self.threshold_rules = kwargs.get('threshold_rules', None) - self.time_window_rules = kwargs.get('time_window_rules', None) - self.allowlist_rules = kwargs.get('allowlist_rules', None) - self.denylist_rules = kwargs.get('denylist_rules', None) + super(CustomEntityStoreAssignment, self).__init__(**kwargs) + self.system_data = None + self.principal = kwargs.get('principal', None) + self.entity_store_database_link = kwargs.get('entity_store_database_link', None) -class DeviceSecurityGroupList(msrest.serialization.Model): - """List of device security groups. +class CustomEntityStoreAssignmentRequest(msrest.serialization.Model): + """describes the custom entity store assignment request. + + :param principal: The principal assigned with entity store. If not provided, will use caller + principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]. + :type principal: str + """ + + _attribute_map = { + 'principal': {'key': 'properties.principal', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(CustomEntityStoreAssignmentRequest, self).__init__(**kwargs) + self.principal = kwargs.get('principal', None) + + +class CustomEntityStoreAssignmentsListResult(msrest.serialization.Model): + """A list of custom entity store assignments. Variables are only populated by the server, and will be ignored when sending a request. - :param value: List of device security group objects. - :type value: list[~azure.mgmt.security.models.DeviceSecurityGroup] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :ivar value: Collection of custom entity store assignments. + :vartype value: list[~azure.mgmt.security.models.CustomEntityStoreAssignment] + :param next_link: The link used to get the next page of operations. + :type next_link: str """ _validation = { - 'next_link': {'readonly': True}, + 'value': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[DeviceSecurityGroup]'}, + 'value': {'key': 'value', 'type': '[CustomEntityStoreAssignment]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -3729,242 +3914,352 @@ def __init__( self, **kwargs ): - super(DeviceSecurityGroupList, self).__init__(**kwargs) - self.value = kwargs.get('value', None) - self.next_link = None + super(CustomEntityStoreAssignmentsListResult, self).__init__(**kwargs) + self.value = None + self.next_link = kwargs.get('next_link', None) -class DirectMethodInvokesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of direct method invokes is not in allowed range. +class CVE(msrest.serialization.Model): + """CVE details. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. + :ivar title: CVE title. + :vartype title: str + :ivar link: Link url. + :vartype link: str + """ - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + _validation = { + 'title': {'readonly': True}, + 'link': {'readonly': True}, + } + + _attribute_map = { + 'title': {'key': 'title', 'type': 'str'}, + 'link': {'key': 'link', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(CVE, self).__init__(**kwargs) + self.title = None + self.link = None + + +class CVSS(msrest.serialization.Model): + """CVSS details. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar base: CVSS base. + :vartype base: float """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'base': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'base': {'key': 'base', 'type': 'float'}, } def __init__( self, **kwargs ): - super(DirectMethodInvokesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'DirectMethodInvokesNotInAllowedRange' # type: str + super(CVSS, self).__init__(**kwargs) + self.base = None -class DiscoveredSecuritySolution(Resource, Location): - """DiscoveredSecuritySolution. +class DataExportSettings(Setting): + """Represents a data export setting. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar location: Location where the resource is stored. - :vartype location: str :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param security_family: Required. The security family of the discovered solution. Possible - values include: "Waf", "Ngfw", "SaasWaf", "Va". - :type security_family: str or ~azure.mgmt.security.models.SecurityFamily - :param offer: Required. The security solutions' image offer. - :type offer: str - :param publisher: Required. The security solutions' image publisher. - :type publisher: str - :param sku: Required. The security solutions' image sku. - :type sku: str + :param kind: Required. the kind of the settings string.Constant filled by server. Possible + values include: "DataExportSettings", "AlertSuppressionSetting", "AlertSyncSettings". + :type kind: str or ~azure.mgmt.security.models.SettingKind + :param enabled: Is the data export setting enabled. + :type enabled: bool """ _validation = { - 'location': {'readonly': True}, 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'security_family': {'required': True}, - 'offer': {'required': True}, - 'publisher': {'required': True}, - 'sku': {'required': True}, + 'kind': {'required': True}, } _attribute_map = { - 'location': {'key': 'location', 'type': 'str'}, 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'security_family': {'key': 'properties.securityFamily', 'type': 'str'}, - 'offer': {'key': 'properties.offer', 'type': 'str'}, - 'publisher': {'key': 'properties.publisher', 'type': 'str'}, - 'sku': {'key': 'properties.sku', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, } def __init__( self, **kwargs ): - super(DiscoveredSecuritySolution, self).__init__(**kwargs) - self.location = None - self.security_family = kwargs['security_family'] - self.offer = kwargs['offer'] - self.publisher = kwargs['publisher'] - self.sku = kwargs['sku'] - self.id = None - self.name = None - self.type = None - self.security_family = kwargs['security_family'] - self.offer = kwargs['offer'] - self.publisher = kwargs['publisher'] - self.sku = kwargs['sku'] + super(DataExportSettings, self).__init__(**kwargs) + self.kind = 'DataExportSettings' # type: str + self.enabled = kwargs.get('enabled', None) -class DiscoveredSecuritySolutionList(msrest.serialization.Model): - """DiscoveredSecuritySolutionList. +class DefenderForContainersAwsOffering(CloudOffering): + """The Defender for Containers AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. - :param value: - :type value: list[~azure.mgmt.security.models.DiscoveredSecuritySolution] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + :param kubernetes_service: The kubernetes service connection configuration. + :type kubernetes_service: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKubernetesService + :param kubernetes_scuba_reader: The kubernetes to scuba connection configuration. + :type kubernetes_scuba_reader: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKubernetesScubaReader + :param cloud_watch_to_kinesis: The cloudwatch to kinesis connection configuration. + :type cloud_watch_to_kinesis: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingCloudWatchToKinesis + :param kinesis_to_s3: The kinesis to s3 connection configuration. + :type kinesis_to_s3: ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKinesisToS3 """ _validation = { - 'next_link': {'readonly': True}, + 'offering_type': {'required': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[DiscoveredSecuritySolution]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'kubernetes_service': {'key': 'kubernetesService', 'type': 'DefenderForContainersAwsOfferingKubernetesService'}, + 'kubernetes_scuba_reader': {'key': 'kubernetesScubaReader', 'type': 'DefenderForContainersAwsOfferingKubernetesScubaReader'}, + 'cloud_watch_to_kinesis': {'key': 'cloudWatchToKinesis', 'type': 'DefenderForContainersAwsOfferingCloudWatchToKinesis'}, + 'kinesis_to_s3': {'key': 'kinesisToS3', 'type': 'DefenderForContainersAwsOfferingKinesisToS3'}, } def __init__( self, **kwargs ): - super(DiscoveredSecuritySolutionList, self).__init__(**kwargs) - self.value = kwargs.get('value', None) - self.next_link = None + super(DefenderForContainersAwsOffering, self).__init__(**kwargs) + self.offering_type = 'DefenderForContainersAws' # type: str + self.kubernetes_service = kwargs.get('kubernetes_service', None) + self.kubernetes_scuba_reader = kwargs.get('kubernetes_scuba_reader', None) + self.cloud_watch_to_kinesis = kwargs.get('cloud_watch_to_kinesis', None) + self.kinesis_to_s3 = kwargs.get('kinesis_to_s3', None) -class EffectiveNetworkSecurityGroups(msrest.serialization.Model): - """Describes the Network Security Groups effective on a network interface. +class DefenderForContainersAwsOfferingCloudWatchToKinesis(msrest.serialization.Model): + """The cloudwatch to kinesis connection configuration. - :param network_interface: The Azure resource ID of the network interface. - :type network_interface: str - :param network_security_groups: The Network Security Groups effective on the network interface. - :type network_security_groups: list[str] + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str """ _attribute_map = { - 'network_interface': {'key': 'networkInterface', 'type': 'str'}, - 'network_security_groups': {'key': 'networkSecurityGroups', 'type': '[str]'}, + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } def __init__( self, **kwargs ): - super(EffectiveNetworkSecurityGroups, self).__init__(**kwargs) - self.network_interface = kwargs.get('network_interface', None) - self.network_security_groups = kwargs.get('network_security_groups', None) + super(DefenderForContainersAwsOfferingCloudWatchToKinesis, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) -class ErrorAdditionalInfo(msrest.serialization.Model): - """The resource management error additional info. +class DefenderForContainersAwsOfferingKinesisToS3(msrest.serialization.Model): + """The kinesis to s3 connection configuration. - Variables are only populated by the server, and will be ignored when sending a request. + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ - :ivar type: The additional info type. - :vartype type: str - :ivar info: The additional info. - :vartype info: any + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(DefenderForContainersAwsOfferingKinesisToS3, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) + + +class DefenderForContainersAwsOfferingKubernetesScubaReader(msrest.serialization.Model): + """The kubernetes to scuba connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str """ - _validation = { - 'type': {'readonly': True}, - 'info': {'readonly': True}, + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } + def __init__( + self, + **kwargs + ): + super(DefenderForContainersAwsOfferingKubernetesScubaReader, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) + + +class DefenderForContainersAwsOfferingKubernetesService(msrest.serialization.Model): + """The kubernetes service connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + _attribute_map = { - 'type': {'key': 'type', 'type': 'str'}, - 'info': {'key': 'info', 'type': 'object'}, + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } def __init__( self, **kwargs ): - super(ErrorAdditionalInfo, self).__init__(**kwargs) - self.type = None - self.info = None + super(DefenderForContainersAwsOfferingKubernetesService, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) -class ExternalSecuritySolutionList(msrest.serialization.Model): - """ExternalSecuritySolutionList. +class DefenderForServersAwsOffering(CloudOffering): + """The Defender for Servers AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. - :param value: - :type value: list[~azure.mgmt.security.models.ExternalSecuritySolution] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + :param defender_for_servers: The Defender for servers connection configuration. + :type defender_for_servers: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingDefenderForServers + :param arc_auto_provisioning: The ARC autoprovisioning configuration. + :type arc_auto_provisioning: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingArcAutoProvisioning """ _validation = { - 'next_link': {'readonly': True}, + 'offering_type': {'required': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[ExternalSecuritySolution]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'defender_for_servers': {'key': 'defenderForServers', 'type': 'DefenderForServersAwsOfferingDefenderForServers'}, + 'arc_auto_provisioning': {'key': 'arcAutoProvisioning', 'type': 'DefenderForServersAwsOfferingArcAutoProvisioning'}, } def __init__( self, **kwargs ): - super(ExternalSecuritySolutionList, self).__init__(**kwargs) - self.value = kwargs.get('value', None) - self.next_link = None + super(DefenderForServersAwsOffering, self).__init__(**kwargs) + self.offering_type = 'DefenderForServersAWS' # type: str + self.defender_for_servers = kwargs.get('defender_for_servers', None) + self.arc_auto_provisioning = kwargs.get('arc_auto_provisioning', None) -class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of failed local logins is not in allowed range. +class DefenderForServersAwsOfferingArcAutoProvisioning(msrest.serialization.Model): + """The ARC autoprovisioning configuration. + + :param enabled: Is arc auto provisioning enabled. + :type enabled: bool + :param service_principal_secret_metadata: Metadata of Service Principal secret for + autoprovisioning. + :type service_principal_secret_metadata: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata + """ + + _attribute_map = { + 'enabled': {'key': 'enabled', 'type': 'bool'}, + 'service_principal_secret_metadata': {'key': 'servicePrincipalSecretMetadata', 'type': 'DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata'}, + } + + def __init__( + self, + **kwargs + ): + super(DefenderForServersAwsOfferingArcAutoProvisioning, self).__init__(**kwargs) + self.enabled = kwargs.get('enabled', None) + self.service_principal_secret_metadata = kwargs.get('service_principal_secret_metadata', None) + + +class DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata(msrest.serialization.Model): + """Metadata of Service Principal secret for autoprovisioning. + + :param expiry_date: expiration date of service principal secret. + :type expiry_date: str + :param parameter_store_region: region of parameter store where secret is kept. + :type parameter_store_region: str + :param parameter_name_in_store: name of secret resource in parameter store. + :type parameter_name_in_store: str + """ + + _attribute_map = { + 'expiry_date': {'key': 'expiryDate', 'type': 'str'}, + 'parameter_store_region': {'key': 'parameterStoreRegion', 'type': 'str'}, + 'parameter_name_in_store': {'key': 'parameterNameInStore', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata, self).__init__(**kwargs) + self.expiry_date = kwargs.get('expiry_date', None) + self.parameter_store_region = kwargs.get('parameter_store_region', None) + self.parameter_name_in_store = kwargs.get('parameter_name_in_store', None) + + +class DefenderForServersAwsOfferingDefenderForServers(msrest.serialization.Model): + """The Defender for servers connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(DefenderForServersAwsOfferingDefenderForServers, self).__init__(**kwargs) + self.cloud_role_arn = kwargs.get('cloud_role_arn', None) + + +class DenylistCustomAlertRule(ListCustomAlertRule): + """A custom alert rule that checks if a value (depends on the custom alert type) is denied. Variables are only populated by the server, and will be ignored when sending a request. @@ -3978,12 +4273,12 @@ class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): :type is_enabled: bool :param rule_type: Required. The type of the custom alert rule.Constant filled by server. :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", + "String". + :vartype value_type: str or ~azure.mgmt.security.models.ValueType + :param denylist_values: Required. The values to deny. The format of the values depends on the + rule type. + :type denylist_values: list[str] """ _validation = { @@ -3991,9 +4286,8 @@ class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): 'description': {'readonly': True}, 'is_enabled': {'required': True}, 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'value_type': {'readonly': True}, + 'denylist_values': {'required': True}, } _attribute_map = { @@ -4001,168 +4295,98 @@ class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): 'description': {'key': 'description', 'type': 'str'}, 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'value_type': {'key': 'valueType', 'type': 'str'}, + 'denylist_values': {'key': 'denylistValues', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(FailedLocalLoginsNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'FailedLocalLoginsNotInAllowedRange' # type: str + super(DenylistCustomAlertRule, self).__init__(**kwargs) + self.rule_type = 'DenylistCustomAlertRule' # type: str + self.denylist_values = kwargs['denylist_values'] -class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of file uploads is not in allowed range. +class DeviceSecurityGroup(Resource): + """The device security group resource. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param threshold_rules: The list of custom alert threshold rules. + :type threshold_rules: list[~azure.mgmt.security.models.ThresholdCustomAlertRule] + :param time_window_rules: The list of custom alert time-window rules. + :type time_window_rules: list[~azure.mgmt.security.models.TimeWindowCustomAlertRule] + :param allowlist_rules: The allow-list custom alert rules. + :type allowlist_rules: list[~azure.mgmt.security.models.AllowlistCustomAlertRule] + :param denylist_rules: The deny-list custom alert rules. + :type denylist_rules: list[~azure.mgmt.security.models.DenylistCustomAlertRule] """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'threshold_rules': {'key': 'properties.thresholdRules', 'type': '[ThresholdCustomAlertRule]'}, + 'time_window_rules': {'key': 'properties.timeWindowRules', 'type': '[TimeWindowCustomAlertRule]'}, + 'allowlist_rules': {'key': 'properties.allowlistRules', 'type': '[AllowlistCustomAlertRule]'}, + 'denylist_rules': {'key': 'properties.denylistRules', 'type': '[DenylistCustomAlertRule]'}, } def __init__( self, **kwargs ): - super(FileUploadsNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'FileUploadsNotInAllowedRange' # type: str + super(DeviceSecurityGroup, self).__init__(**kwargs) + self.threshold_rules = kwargs.get('threshold_rules', None) + self.time_window_rules = kwargs.get('time_window_rules', None) + self.allowlist_rules = kwargs.get('allowlist_rules', None) + self.denylist_rules = kwargs.get('denylist_rules', None) -class GcpCredentialsDetailsProperties(AuthenticationDetailsProperties): - """GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only). +class DeviceSecurityGroupList(msrest.serialization.Model): + """List of device security groups. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar authentication_provisioning_state: State of the multi-cloud connector. Possible values - include: "Valid", "Invalid", "Expired", "IncorrectPolicy". - :vartype authentication_provisioning_state: str or - ~azure.mgmt.security.models.AuthenticationProvisioningState - :ivar granted_permissions: The permissions detected in the cloud account. - :vartype granted_permissions: list[str or ~azure.mgmt.security.models.PermissionProperty] - :param authentication_type: Required. Connect to your cloud account, for AWS use either account - credentials or role-based authentication. For GCP use account organization credentials.Constant - filled by server. Possible values include: "awsCreds", "awsAssumeRole", "gcpCredentials". - :type authentication_type: str or ~azure.mgmt.security.models.AuthenticationType - :param organization_id: Required. The organization ID of the GCP cloud account. - :type organization_id: str - :param type: Required. Type field of the API key (write only). - :type type: str - :param project_id: Required. Project ID field of the API key (write only). - :type project_id: str - :param private_key_id: Required. Private key ID field of the API key (write only). - :type private_key_id: str - :param private_key: Required. Private key field of the API key (write only). - :type private_key: str - :param client_email: Required. Client email field of the API key (write only). - :type client_email: str - :param client_id: Required. Client ID field of the API key (write only). - :type client_id: str - :param auth_uri: Required. Auth URI field of the API key (write only). - :type auth_uri: str - :param token_uri: Required. Token URI field of the API key (write only). - :type token_uri: str - :param auth_provider_x509_cert_url: Required. Auth provider x509 certificate URL field of the - API key (write only). - :type auth_provider_x509_cert_url: str - :param client_x509_cert_url: Required. Client x509 certificate URL field of the API key (write - only). - :type client_x509_cert_url: str + :param value: List of device security group objects. + :type value: list[~azure.mgmt.security.models.DeviceSecurityGroup] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ _validation = { - 'authentication_provisioning_state': {'readonly': True}, - 'granted_permissions': {'readonly': True}, - 'authentication_type': {'required': True}, - 'organization_id': {'required': True}, - 'type': {'required': True}, - 'project_id': {'required': True}, - 'private_key_id': {'required': True}, - 'private_key': {'required': True}, - 'client_email': {'required': True}, - 'client_id': {'required': True}, - 'auth_uri': {'required': True}, - 'token_uri': {'required': True}, - 'auth_provider_x509_cert_url': {'required': True}, - 'client_x509_cert_url': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'authentication_provisioning_state': {'key': 'authenticationProvisioningState', 'type': 'str'}, - 'granted_permissions': {'key': 'grantedPermissions', 'type': '[str]'}, - 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, - 'organization_id': {'key': 'organizationId', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'project_id': {'key': 'projectId', 'type': 'str'}, - 'private_key_id': {'key': 'privateKeyId', 'type': 'str'}, - 'private_key': {'key': 'privateKey', 'type': 'str'}, - 'client_email': {'key': 'clientEmail', 'type': 'str'}, - 'client_id': {'key': 'clientId', 'type': 'str'}, - 'auth_uri': {'key': 'authUri', 'type': 'str'}, - 'token_uri': {'key': 'tokenUri', 'type': 'str'}, - 'auth_provider_x509_cert_url': {'key': 'authProviderX509CertUrl', 'type': 'str'}, - 'client_x509_cert_url': {'key': 'clientX509CertUrl', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[DeviceSecurityGroup]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(GcpCredentialsDetailsProperties, self).__init__(**kwargs) - self.authentication_type = 'gcpCredentials' # type: str - self.organization_id = kwargs['organization_id'] - self.type = kwargs['type'] - self.project_id = kwargs['project_id'] - self.private_key_id = kwargs['private_key_id'] - self.private_key = kwargs['private_key'] - self.client_email = kwargs['client_email'] - self.client_id = kwargs['client_id'] - self.auth_uri = kwargs['auth_uri'] - self.token_uri = kwargs['token_uri'] - self.auth_provider_x509_cert_url = kwargs['auth_provider_x509_cert_url'] - self.client_x509_cert_url = kwargs['client_x509_cert_url'] + super(DeviceSecurityGroupList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + self.next_link = None -class HttpC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of cloud to device messages (HTTP protocol) is not in allowed range. +class DirectMethodInvokesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of direct method invokes is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. @@ -4208,253 +4432,166 @@ def __init__( self, **kwargs ): - super(HttpC2DMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'HttpC2DMessagesNotInAllowedRange' # type: str + super(DirectMethodInvokesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'DirectMethodInvokesNotInAllowedRange' # type: str -class HttpC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of rejected cloud to device messages (HTTP protocol) is not in allowed range. +class DiscoveredSecuritySolution(Resource, Location): + """DiscoveredSecuritySolution. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar location: Location where the resource is stored. + :vartype location: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param security_family: Required. The security family of the discovered solution. Possible + values include: "Waf", "Ngfw", "SaasWaf", "Va". + :type security_family: str or ~azure.mgmt.security.models.SecurityFamily + :param offer: Required. The security solutions' image offer. + :type offer: str + :param publisher: Required. The security solutions' image publisher. + :type publisher: str + :param sku: Required. The security solutions' image sku. + :type sku: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'location': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'security_family': {'required': True}, + 'offer': {'required': True}, + 'publisher': {'required': True}, + 'sku': {'required': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'location': {'key': 'location', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'security_family': {'key': 'properties.securityFamily', 'type': 'str'}, + 'offer': {'key': 'properties.offer', 'type': 'str'}, + 'publisher': {'key': 'properties.publisher', 'type': 'str'}, + 'sku': {'key': 'properties.sku', 'type': 'str'}, } def __init__( self, **kwargs ): - super(HttpC2DRejectedMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'HttpC2DRejectedMessagesNotInAllowedRange' # type: str + super(DiscoveredSecuritySolution, self).__init__(**kwargs) + self.location = None + self.security_family = kwargs['security_family'] + self.offer = kwargs['offer'] + self.publisher = kwargs['publisher'] + self.sku = kwargs['sku'] + self.id = None + self.name = None + self.type = None + self.security_family = kwargs['security_family'] + self.offer = kwargs['offer'] + self.publisher = kwargs['publisher'] + self.sku = kwargs['sku'] -class HttpD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of device to cloud messages (HTTP protocol) is not in allowed range. +class DiscoveredSecuritySolutionList(msrest.serialization.Model): + """DiscoveredSecuritySolutionList. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta - """ - - _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, - } - - _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, - } - - def __init__( - self, - **kwargs - ): - super(HttpD2CMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'HttpD2CMessagesNotInAllowedRange' # type: str - - -class HybridComputeSettingsProperties(msrest.serialization.Model): - """Settings for hybrid compute management. - - Variables are only populated by the server, and will be ignored when sending a request. - - All required parameters must be populated in order to send to Azure. - - :ivar hybrid_compute_provisioning_state: State of the service principal and its secret. - Possible values include: "Valid", "Invalid", "Expired". - :vartype hybrid_compute_provisioning_state: str or - ~azure.mgmt.security.models.HybridComputeProvisioningState - :param auto_provision: Required. Whether or not to automatically install Azure Arc (hybrid - compute) agents on machines. Possible values include: "On", "Off". - :type auto_provision: str or ~azure.mgmt.security.models.AutoProvision - :param resource_group_name: The name of the resource group where Arc (Hybrid Compute) - connectors are connected. - :type resource_group_name: str - :param region: The location where the metadata of machines will be stored. - :type region: str - :param proxy_server: For a non-Azure machine that is not connected directly to the internet, - specify a proxy server that the non-Azure machine can use. - :type proxy_server: ~azure.mgmt.security.models.ProxyServerProperties - :param service_principal: An object to access resources that are secured by an Azure AD tenant. - :type service_principal: ~azure.mgmt.security.models.ServicePrincipalProperties - """ + :param value: + :type value: list[~azure.mgmt.security.models.DiscoveredSecuritySolution] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ _validation = { - 'hybrid_compute_provisioning_state': {'readonly': True}, - 'auto_provision': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'hybrid_compute_provisioning_state': {'key': 'hybridComputeProvisioningState', 'type': 'str'}, - 'auto_provision': {'key': 'autoProvision', 'type': 'str'}, - 'resource_group_name': {'key': 'resourceGroupName', 'type': 'str'}, - 'region': {'key': 'region', 'type': 'str'}, - 'proxy_server': {'key': 'proxyServer', 'type': 'ProxyServerProperties'}, - 'service_principal': {'key': 'servicePrincipal', 'type': 'ServicePrincipalProperties'}, + 'value': {'key': 'value', 'type': '[DiscoveredSecuritySolution]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(HybridComputeSettingsProperties, self).__init__(**kwargs) - self.hybrid_compute_provisioning_state = None - self.auto_provision = kwargs['auto_provision'] - self.resource_group_name = kwargs.get('resource_group_name', None) - self.region = kwargs.get('region', None) - self.proxy_server = kwargs.get('proxy_server', None) - self.service_principal = kwargs.get('service_principal', None) + super(DiscoveredSecuritySolutionList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + self.next_link = None -class InformationProtectionKeyword(msrest.serialization.Model): - """The information type keyword. +class EffectiveNetworkSecurityGroups(msrest.serialization.Model): + """Describes the Network Security Groups effective on a network interface. - :param pattern: The keyword pattern. - :type pattern: str - :param custom: Indicates whether the keyword is custom or not. - :type custom: bool - :param can_be_numeric: Indicates whether the keyword can be applied on numeric types or not. - :type can_be_numeric: bool - :param excluded: Indicates whether the keyword is excluded or not. - :type excluded: bool + :param network_interface: The Azure resource ID of the network interface. + :type network_interface: str + :param network_security_groups: The Network Security Groups effective on the network interface. + :type network_security_groups: list[str] """ _attribute_map = { - 'pattern': {'key': 'pattern', 'type': 'str'}, - 'custom': {'key': 'custom', 'type': 'bool'}, - 'can_be_numeric': {'key': 'canBeNumeric', 'type': 'bool'}, - 'excluded': {'key': 'excluded', 'type': 'bool'}, + 'network_interface': {'key': 'networkInterface', 'type': 'str'}, + 'network_security_groups': {'key': 'networkSecurityGroups', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(InformationProtectionKeyword, self).__init__(**kwargs) - self.pattern = kwargs.get('pattern', None) - self.custom = kwargs.get('custom', None) - self.can_be_numeric = kwargs.get('can_be_numeric', None) - self.excluded = kwargs.get('excluded', None) + super(EffectiveNetworkSecurityGroups, self).__init__(**kwargs) + self.network_interface = kwargs.get('network_interface', None) + self.network_security_groups = kwargs.get('network_security_groups', None) -class InformationProtectionPolicy(Resource): - """Information protection policy. +class ErrorAdditionalInfo(msrest.serialization.Model): + """The resource management error additional info. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. + :ivar type: The additional info type. :vartype type: str - :ivar last_modified_utc: Describes the last UTC time the policy was modified. - :vartype last_modified_utc: ~datetime.datetime - :ivar version: Describes the version of the policy. - :vartype version: str - :param labels: Dictionary of sensitivity labels. - :type labels: dict[str, ~azure.mgmt.security.models.SensitivityLabel] - :param information_types: The sensitivity information types. - :type information_types: dict[str, ~azure.mgmt.security.models.InformationType] + :ivar info: The additional info. + :vartype info: any """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, 'type': {'readonly': True}, - 'last_modified_utc': {'readonly': True}, - 'version': {'readonly': True}, + 'info': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, - 'version': {'key': 'properties.version', 'type': 'str'}, - 'labels': {'key': 'properties.labels', 'type': '{SensitivityLabel}'}, - 'information_types': {'key': 'properties.informationTypes', 'type': '{InformationType}'}, + 'info': {'key': 'info', 'type': 'object'}, } def __init__( self, **kwargs ): - super(InformationProtectionPolicy, self).__init__(**kwargs) - self.last_modified_utc = None - self.version = None - self.labels = kwargs.get('labels', None) - self.information_types = kwargs.get('information_types', None) + super(ErrorAdditionalInfo, self).__init__(**kwargs) + self.type = None + self.info = None -class InformationProtectionPolicyList(msrest.serialization.Model): - """Information protection policies response. +class ExternalSecuritySolutionList(msrest.serialization.Model): + """ExternalSecuritySolutionList. Variables are only populated by the server, and will be ignored when sending a request. - :param value: List of information protection policies. - :type value: list[~azure.mgmt.security.models.InformationProtectionPolicy] + :param value: + :type value: list[~azure.mgmt.security.models.ExternalSecuritySolution] :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ @@ -4464,7 +4601,7 @@ class InformationProtectionPolicyList(msrest.serialization.Model): } _attribute_map = { - 'value': {'key': 'value', 'type': '[InformationProtectionPolicy]'}, + 'value': {'key': 'value', 'type': '[ExternalSecuritySolution]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -4472,504 +4609,513 @@ def __init__( self, **kwargs ): - super(InformationProtectionPolicyList, self).__init__(**kwargs) + super(ExternalSecuritySolutionList, self).__init__(**kwargs) self.value = kwargs.get('value', None) self.next_link = None -class InformationType(msrest.serialization.Model): - """The information type. +class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of failed local logins is not in allowed range. - :param display_name: The name of the information type. - :type display_name: str - :param description: The description of the information type. - :type description: str - :param order: The order of the information type. - :type order: int - :param recommended_label_id: The recommended label id to be associated with this information - type. - :type recommended_label_id: str - :param enabled: Indicates whether the information type is enabled or not. - :type enabled: bool - :param custom: Indicates whether the information type is custom or not. - :type custom: bool - :param keywords: The information type keywords. - :type keywords: list[~azure.mgmt.security.models.InformationProtectionKeyword] + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + _attribute_map = { 'display_name': {'key': 'displayName', 'type': 'str'}, 'description': {'key': 'description', 'type': 'str'}, - 'order': {'key': 'order', 'type': 'int'}, - 'recommended_label_id': {'key': 'recommendedLabelId', 'type': 'str'}, - 'enabled': {'key': 'enabled', 'type': 'bool'}, - 'custom': {'key': 'custom', 'type': 'bool'}, - 'keywords': {'key': 'keywords', 'type': '[InformationProtectionKeyword]'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(InformationType, self).__init__(**kwargs) - self.display_name = kwargs.get('display_name', None) - self.description = kwargs.get('description', None) - self.order = kwargs.get('order', None) - self.recommended_label_id = kwargs.get('recommended_label_id', None) - self.enabled = kwargs.get('enabled', None) - self.custom = kwargs.get('custom', None) - self.keywords = kwargs.get('keywords', None) + super(FailedLocalLoginsNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'FailedLocalLoginsNotInAllowedRange' # type: str -class IngestionConnectionString(msrest.serialization.Model): - """Connection string for ingesting security data and logs. +class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of file uploads is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. - :ivar location: The region where ingested logs and data resides. - :vartype location: str - :ivar value: Connection string value. - :vartype value: str - """ - - _validation = { - 'location': {'readonly': True}, - 'value': {'readonly': True}, - } - - _attribute_map = { - 'location': {'key': 'location', 'type': 'str'}, - 'value': {'key': 'value', 'type': 'str'}, - } + All required parameters must be populated in order to send to Azure. - def __init__( - self, - **kwargs - ): - super(IngestionConnectionString, self).__init__(**kwargs) - self.location = None - self.value = None - - -class IngestionSetting(Resource): - """Configures how to correlate scan data and logs with resources associated with the subscription. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param properties: Ingestion setting data. - :type properties: any + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'object'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(IngestionSetting, self).__init__(**kwargs) - self.properties = kwargs.get('properties', None) + super(FileUploadsNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'FileUploadsNotInAllowedRange' # type: str -class IngestionSettingList(msrest.serialization.Model): - """List of ingestion settings. +class GcpCredentialsDetailsProperties(AuthenticationDetailsProperties): + """GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only). Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: List of ingestion settings. - :vartype value: list[~azure.mgmt.security.models.IngestionSetting] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :ivar authentication_provisioning_state: State of the multi-cloud connector. Possible values + include: "Valid", "Invalid", "Expired", "IncorrectPolicy". + :vartype authentication_provisioning_state: str or + ~azure.mgmt.security.models.AuthenticationProvisioningState + :ivar granted_permissions: The permissions detected in the cloud account. + :vartype granted_permissions: list[str or ~azure.mgmt.security.models.PermissionProperty] + :param authentication_type: Required. Connect to your cloud account, for AWS use either account + credentials or role-based authentication. For GCP use account organization credentials.Constant + filled by server. Possible values include: "awsCreds", "awsAssumeRole", "gcpCredentials". + :type authentication_type: str or ~azure.mgmt.security.models.AuthenticationType + :param organization_id: Required. The organization ID of the GCP cloud account. + :type organization_id: str + :param type: Required. Type field of the API key (write only). + :type type: str + :param project_id: Required. Project ID field of the API key (write only). + :type project_id: str + :param private_key_id: Required. Private key ID field of the API key (write only). + :type private_key_id: str + :param private_key: Required. Private key field of the API key (write only). + :type private_key: str + :param client_email: Required. Client email field of the API key (write only). + :type client_email: str + :param client_id: Required. Client ID field of the API key (write only). + :type client_id: str + :param auth_uri: Required. Auth URI field of the API key (write only). + :type auth_uri: str + :param token_uri: Required. Token URI field of the API key (write only). + :type token_uri: str + :param auth_provider_x509_cert_url: Required. Auth provider x509 certificate URL field of the + API key (write only). + :type auth_provider_x509_cert_url: str + :param client_x509_cert_url: Required. Client x509 certificate URL field of the API key (write + only). + :type client_x509_cert_url: str """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'authentication_provisioning_state': {'readonly': True}, + 'granted_permissions': {'readonly': True}, + 'authentication_type': {'required': True}, + 'organization_id': {'required': True}, + 'type': {'required': True}, + 'project_id': {'required': True}, + 'private_key_id': {'required': True}, + 'private_key': {'required': True}, + 'client_email': {'required': True}, + 'client_id': {'required': True}, + 'auth_uri': {'required': True}, + 'token_uri': {'required': True}, + 'auth_provider_x509_cert_url': {'required': True}, + 'client_x509_cert_url': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[IngestionSetting]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'authentication_provisioning_state': {'key': 'authenticationProvisioningState', 'type': 'str'}, + 'granted_permissions': {'key': 'grantedPermissions', 'type': '[str]'}, + 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, + 'organization_id': {'key': 'organizationId', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'project_id': {'key': 'projectId', 'type': 'str'}, + 'private_key_id': {'key': 'privateKeyId', 'type': 'str'}, + 'private_key': {'key': 'privateKey', 'type': 'str'}, + 'client_email': {'key': 'clientEmail', 'type': 'str'}, + 'client_id': {'key': 'clientId', 'type': 'str'}, + 'auth_uri': {'key': 'authUri', 'type': 'str'}, + 'token_uri': {'key': 'tokenUri', 'type': 'str'}, + 'auth_provider_x509_cert_url': {'key': 'authProviderX509CertUrl', 'type': 'str'}, + 'client_x509_cert_url': {'key': 'clientX509CertUrl', 'type': 'str'}, } def __init__( self, **kwargs ): - super(IngestionSettingList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(GcpCredentialsDetailsProperties, self).__init__(**kwargs) + self.authentication_type = 'gcpCredentials' # type: str + self.organization_id = kwargs['organization_id'] + self.type = kwargs['type'] + self.project_id = kwargs['project_id'] + self.private_key_id = kwargs['private_key_id'] + self.private_key = kwargs['private_key'] + self.client_email = kwargs['client_email'] + self.client_id = kwargs['client_id'] + self.auth_uri = kwargs['auth_uri'] + self.token_uri = kwargs['token_uri'] + self.auth_provider_x509_cert_url = kwargs['auth_provider_x509_cert_url'] + self.client_x509_cert_url = kwargs['client_x509_cert_url'] -class IngestionSettingToken(msrest.serialization.Model): - """Configures how to correlate scan data and logs with resources associated with the subscription. +class HttpC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of cloud to device messages (HTTP protocol) is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. - :ivar token: The token is used for correlating security data and logs with the resources in the - subscription. - :vartype token: str + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ _validation = { - 'token': {'readonly': True}, + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, } _attribute_map = { - 'token': {'key': 'token', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(IngestionSettingToken, self).__init__(**kwargs) - self.token = None + super(HttpC2DMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'HttpC2DMessagesNotInAllowedRange' # type: str -class TagsResource(msrest.serialization.Model): - """A container holding only the Tags for a resource, allowing the user to update the tags. +class HttpC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of rejected cloud to device messages (HTTP protocol) is not in allowed range. - :param tags: A set of tags. Resource tags. - :type tags: dict[str, str] + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + _attribute_map = { - 'tags': {'key': 'tags', 'type': '{str}'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(TagsResource, self).__init__(**kwargs) - self.tags = kwargs.get('tags', None) + super(HttpC2DRejectedMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'HttpC2DRejectedMessagesNotInAllowedRange' # type: str -class IoTSecurityAggregatedAlert(Resource, TagsResource): - """Security Solution Aggregated Alert information. +class HttpD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of device to cloud messages (HTTP protocol) is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. - :param tags: A set of tags. Resource tags. - :type tags: dict[str, str] - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :ivar alert_type: Name of the alert type. - :vartype alert_type: str - :ivar alert_display_name: Display name of the alert type. - :vartype alert_display_name: str - :ivar aggregated_date_utc: Date of detection. - :vartype aggregated_date_utc: ~datetime.date - :ivar vendor_name: Name of the organization that raised the alert. - :vartype vendor_name: str - :ivar reported_severity: Assessed alert severity. Possible values include: "Informational", - "Low", "Medium", "High". - :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity - :ivar remediation_steps: Recommended steps for remediation. - :vartype remediation_steps: str - :ivar description: Description of the suspected vulnerability and meaning. + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. :vartype description: str - :ivar count: Number of alerts occurrences within the aggregated time window. - :vartype count: long - :ivar effected_resource_type: Azure resource ID of the resource that received the alerts. - :vartype effected_resource_type: str - :ivar system_source: The type of the alerted resource (Azure, Non-Azure). - :vartype system_source: str - :ivar action_taken: IoT Security solution alert response. - :vartype action_taken: str - :ivar log_analytics_query: Log analytics query for getting the list of affected devices/alerts. - :vartype log_analytics_query: str - :ivar top_devices_list: 10 devices with the highest number of occurrences of this alert type, - on this day. - :vartype top_devices_list: - list[~azure.mgmt.security.models.IoTSecurityAggregatedAlertPropertiesTopDevicesListItem] + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'alert_type': {'readonly': True}, - 'alert_display_name': {'readonly': True}, - 'aggregated_date_utc': {'readonly': True}, - 'vendor_name': {'readonly': True}, - 'reported_severity': {'readonly': True}, - 'remediation_steps': {'readonly': True}, + 'display_name': {'readonly': True}, 'description': {'readonly': True}, - 'count': {'readonly': True}, - 'effected_resource_type': {'readonly': True}, - 'system_source': {'readonly': True}, - 'action_taken': {'readonly': True}, - 'log_analytics_query': {'readonly': True}, - 'top_devices_list': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, } _attribute_map = { - 'tags': {'key': 'tags', 'type': '{str}'}, - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'alert_type': {'key': 'properties.alertType', 'type': 'str'}, - 'alert_display_name': {'key': 'properties.alertDisplayName', 'type': 'str'}, - 'aggregated_date_utc': {'key': 'properties.aggregatedDateUtc', 'type': 'date'}, - 'vendor_name': {'key': 'properties.vendorName', 'type': 'str'}, - 'reported_severity': {'key': 'properties.reportedSeverity', 'type': 'str'}, - 'remediation_steps': {'key': 'properties.remediationSteps', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'count': {'key': 'properties.count', 'type': 'long'}, - 'effected_resource_type': {'key': 'properties.effectedResourceType', 'type': 'str'}, - 'system_source': {'key': 'properties.systemSource', 'type': 'str'}, - 'action_taken': {'key': 'properties.actionTaken', 'type': 'str'}, - 'log_analytics_query': {'key': 'properties.logAnalyticsQuery', 'type': 'str'}, - 'top_devices_list': {'key': 'properties.topDevicesList', 'type': '[IoTSecurityAggregatedAlertPropertiesTopDevicesListItem]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(IoTSecurityAggregatedAlert, self).__init__(**kwargs) - self.tags = kwargs.get('tags', None) - self.alert_type = None - self.alert_display_name = None - self.aggregated_date_utc = None - self.vendor_name = None - self.reported_severity = None - self.remediation_steps = None - self.description = None - self.count = None - self.effected_resource_type = None - self.system_source = None - self.action_taken = None - self.log_analytics_query = None - self.top_devices_list = None - self.id = None - self.name = None - self.type = None - self.alert_type = None - self.alert_display_name = None - self.aggregated_date_utc = None - self.vendor_name = None - self.reported_severity = None - self.remediation_steps = None - self.description = None - self.count = None - self.effected_resource_type = None - self.system_source = None - self.action_taken = None - self.log_analytics_query = None - self.top_devices_list = None + super(HttpD2CMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'HttpD2CMessagesNotInAllowedRange' # type: str -class IoTSecurityAggregatedAlertList(msrest.serialization.Model): - """List of IoT Security solution aggregated alert data. +class HybridComputeSettingsProperties(msrest.serialization.Model): + """Settings for hybrid compute management. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param value: Required. List of aggregated alerts data. - :type value: list[~azure.mgmt.security.models.IoTSecurityAggregatedAlert] - :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next - page. - :vartype next_link: str + :ivar hybrid_compute_provisioning_state: State of the service principal and its secret. + Possible values include: "Valid", "Invalid", "Expired". + :vartype hybrid_compute_provisioning_state: str or + ~azure.mgmt.security.models.HybridComputeProvisioningState + :param auto_provision: Required. Whether or not to automatically install Azure Arc (hybrid + compute) agents on machines. Possible values include: "On", "Off". + :type auto_provision: str or ~azure.mgmt.security.models.AutoProvision + :param resource_group_name: The name of the resource group where Arc (Hybrid Compute) + connectors are connected. + :type resource_group_name: str + :param region: The location where the metadata of machines will be stored. + :type region: str + :param proxy_server: For a non-Azure machine that is not connected directly to the internet, + specify a proxy server that the non-Azure machine can use. + :type proxy_server: ~azure.mgmt.security.models.ProxyServerProperties + :param service_principal: An object to access resources that are secured by an Azure AD tenant. + :type service_principal: ~azure.mgmt.security.models.ServicePrincipalProperties """ _validation = { - 'value': {'required': True}, - 'next_link': {'readonly': True}, + 'hybrid_compute_provisioning_state': {'readonly': True}, + 'auto_provision': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[IoTSecurityAggregatedAlert]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'hybrid_compute_provisioning_state': {'key': 'hybridComputeProvisioningState', 'type': 'str'}, + 'auto_provision': {'key': 'autoProvision', 'type': 'str'}, + 'resource_group_name': {'key': 'resourceGroupName', 'type': 'str'}, + 'region': {'key': 'region', 'type': 'str'}, + 'proxy_server': {'key': 'proxyServer', 'type': 'ProxyServerProperties'}, + 'service_principal': {'key': 'servicePrincipal', 'type': 'ServicePrincipalProperties'}, } def __init__( self, **kwargs ): - super(IoTSecurityAggregatedAlertList, self).__init__(**kwargs) - self.value = kwargs['value'] - self.next_link = None - + super(HybridComputeSettingsProperties, self).__init__(**kwargs) + self.hybrid_compute_provisioning_state = None + self.auto_provision = kwargs['auto_provision'] + self.resource_group_name = kwargs.get('resource_group_name', None) + self.region = kwargs.get('region', None) + self.proxy_server = kwargs.get('proxy_server', None) + self.service_principal = kwargs.get('service_principal', None) -class IoTSecurityAggregatedAlertPropertiesTopDevicesListItem(msrest.serialization.Model): - """IoTSecurityAggregatedAlertPropertiesTopDevicesListItem. - Variables are only populated by the server, and will be ignored when sending a request. +class InformationProtectionKeyword(msrest.serialization.Model): + """The information type keyword. - :ivar device_id: Name of the device. - :vartype device_id: str - :ivar alerts_count: Number of alerts raised for this device. - :vartype alerts_count: long - :ivar last_occurrence: Most recent time this alert was raised for this device, on this day. - :vartype last_occurrence: str + :param pattern: The keyword pattern. + :type pattern: str + :param custom: Indicates whether the keyword is custom or not. + :type custom: bool + :param can_be_numeric: Indicates whether the keyword can be applied on numeric types or not. + :type can_be_numeric: bool + :param excluded: Indicates whether the keyword is excluded or not. + :type excluded: bool """ - _validation = { - 'device_id': {'readonly': True}, - 'alerts_count': {'readonly': True}, - 'last_occurrence': {'readonly': True}, - } - _attribute_map = { - 'device_id': {'key': 'deviceId', 'type': 'str'}, - 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, - 'last_occurrence': {'key': 'lastOccurrence', 'type': 'str'}, + 'pattern': {'key': 'pattern', 'type': 'str'}, + 'custom': {'key': 'custom', 'type': 'bool'}, + 'can_be_numeric': {'key': 'canBeNumeric', 'type': 'bool'}, + 'excluded': {'key': 'excluded', 'type': 'bool'}, } def __init__( self, **kwargs ): - super(IoTSecurityAggregatedAlertPropertiesTopDevicesListItem, self).__init__(**kwargs) - self.device_id = None - self.alerts_count = None - self.last_occurrence = None + super(InformationProtectionKeyword, self).__init__(**kwargs) + self.pattern = kwargs.get('pattern', None) + self.custom = kwargs.get('custom', None) + self.can_be_numeric = kwargs.get('can_be_numeric', None) + self.excluded = kwargs.get('excluded', None) -class IoTSecurityAggregatedRecommendation(Resource, TagsResource): - """IoT Security solution recommendation information. +class InformationProtectionPolicy(Resource): + """Information protection policy. Variables are only populated by the server, and will be ignored when sending a request. - :param tags: A set of tags. Resource tags. - :type tags: dict[str, str] :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param recommendation_name: Name of the recommendation. - :type recommendation_name: str - :ivar recommendation_display_name: Display name of the recommendation type. - :vartype recommendation_display_name: str - :ivar description: Description of the suspected vulnerability and meaning. - :vartype description: str - :ivar recommendation_type_id: Recommendation-type GUID. - :vartype recommendation_type_id: str - :ivar detected_by: Name of the organization that made the recommendation. - :vartype detected_by: str - :ivar remediation_steps: Recommended steps for remediation. - :vartype remediation_steps: str - :ivar reported_severity: Assessed recommendation severity. Possible values include: - "Informational", "Low", "Medium", "High". - :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity - :ivar healthy_devices: Number of healthy devices within the IoT Security solution. - :vartype healthy_devices: long - :ivar unhealthy_device_count: Number of unhealthy devices within the IoT Security solution. - :vartype unhealthy_device_count: long - :ivar log_analytics_query: Log analytics query for getting the list of affected devices/alerts. - :vartype log_analytics_query: str + :ivar last_modified_utc: Describes the last UTC time the policy was modified. + :vartype last_modified_utc: ~datetime.datetime + :ivar version: Describes the version of the policy. + :vartype version: str + :param labels: Dictionary of sensitivity labels. + :type labels: dict[str, ~azure.mgmt.security.models.SensitivityLabel] + :param information_types: The sensitivity information types. + :type information_types: dict[str, ~azure.mgmt.security.models.InformationType] """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'recommendation_display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'recommendation_type_id': {'readonly': True}, - 'detected_by': {'readonly': True}, - 'remediation_steps': {'readonly': True}, - 'reported_severity': {'readonly': True}, - 'healthy_devices': {'readonly': True}, - 'unhealthy_device_count': {'readonly': True}, - 'log_analytics_query': {'readonly': True}, + 'last_modified_utc': {'readonly': True}, + 'version': {'readonly': True}, } _attribute_map = { - 'tags': {'key': 'tags', 'type': '{str}'}, 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'recommendation_name': {'key': 'properties.recommendationName', 'type': 'str'}, - 'recommendation_display_name': {'key': 'properties.recommendationDisplayName', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'recommendation_type_id': {'key': 'properties.recommendationTypeId', 'type': 'str'}, - 'detected_by': {'key': 'properties.detectedBy', 'type': 'str'}, - 'remediation_steps': {'key': 'properties.remediationSteps', 'type': 'str'}, - 'reported_severity': {'key': 'properties.reportedSeverity', 'type': 'str'}, - 'healthy_devices': {'key': 'properties.healthyDevices', 'type': 'long'}, - 'unhealthy_device_count': {'key': 'properties.unhealthyDeviceCount', 'type': 'long'}, - 'log_analytics_query': {'key': 'properties.logAnalyticsQuery', 'type': 'str'}, + 'last_modified_utc': {'key': 'properties.lastModifiedUtc', 'type': 'iso-8601'}, + 'version': {'key': 'properties.version', 'type': 'str'}, + 'labels': {'key': 'properties.labels', 'type': '{SensitivityLabel}'}, + 'information_types': {'key': 'properties.informationTypes', 'type': '{InformationType}'}, } def __init__( self, **kwargs ): - super(IoTSecurityAggregatedRecommendation, self).__init__(**kwargs) - self.tags = kwargs.get('tags', None) - self.recommendation_name = kwargs.get('recommendation_name', None) - self.recommendation_display_name = None - self.description = None - self.recommendation_type_id = None - self.detected_by = None - self.remediation_steps = None - self.reported_severity = None - self.healthy_devices = None - self.unhealthy_device_count = None - self.log_analytics_query = None - self.id = None - self.name = None - self.type = None - self.recommendation_name = kwargs.get('recommendation_name', None) - self.recommendation_display_name = None - self.description = None - self.recommendation_type_id = None - self.detected_by = None - self.remediation_steps = None - self.reported_severity = None - self.healthy_devices = None - self.unhealthy_device_count = None - self.log_analytics_query = None + super(InformationProtectionPolicy, self).__init__(**kwargs) + self.last_modified_utc = None + self.version = None + self.labels = kwargs.get('labels', None) + self.information_types = kwargs.get('information_types', None) -class IoTSecurityAggregatedRecommendationList(msrest.serialization.Model): - """List of IoT Security solution aggregated recommendations. +class InformationProtectionPolicyList(msrest.serialization.Model): + """Information protection policies response. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :param value: Required. List of aggregated recommendations data. - :type value: list[~azure.mgmt.security.models.IoTSecurityAggregatedRecommendation] - :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next - page. + :param value: List of information protection policies. + :type value: list[~azure.mgmt.security.models.InformationProtectionPolicy] + :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ _validation = { - 'value': {'required': True}, 'next_link': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[IoTSecurityAggregatedRecommendation]'}, + 'value': {'key': 'value', 'type': '[InformationProtectionPolicy]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -4977,115 +5123,87 @@ def __init__( self, **kwargs ): - super(IoTSecurityAggregatedRecommendationList, self).__init__(**kwargs) - self.value = kwargs['value'] + super(InformationProtectionPolicyList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) self.next_link = None -class IoTSecurityAlertedDevice(msrest.serialization.Model): - """Statistical information about the number of alerts per device during last set number of days. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar device_id: Device identifier. - :vartype device_id: str - :ivar alerts_count: Number of alerts raised for this device. - :vartype alerts_count: long - """ - - _validation = { - 'device_id': {'readonly': True}, - 'alerts_count': {'readonly': True}, - } - - _attribute_map = { - 'device_id': {'key': 'deviceId', 'type': 'str'}, - 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, - } - - def __init__( - self, - **kwargs - ): - super(IoTSecurityAlertedDevice, self).__init__(**kwargs) - self.device_id = None - self.alerts_count = None - - -class IoTSecurityDeviceAlert(msrest.serialization.Model): - """Statistical information about the number of alerts per alert type during last set number of days. - - Variables are only populated by the server, and will be ignored when sending a request. +class InformationType(msrest.serialization.Model): + """The information type. - :ivar alert_display_name: Display name of the alert. - :vartype alert_display_name: str - :ivar reported_severity: Assessed Alert severity. Possible values include: "Informational", - "Low", "Medium", "High". - :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity - :ivar alerts_count: Number of alerts raised for this alert type. - :vartype alerts_count: long + :param display_name: The name of the information type. + :type display_name: str + :param description: The description of the information type. + :type description: str + :param order: The order of the information type. + :type order: int + :param recommended_label_id: The recommended label id to be associated with this information + type. + :type recommended_label_id: str + :param enabled: Indicates whether the information type is enabled or not. + :type enabled: bool + :param custom: Indicates whether the information type is custom or not. + :type custom: bool + :param keywords: The information type keywords. + :type keywords: list[~azure.mgmt.security.models.InformationProtectionKeyword] """ - _validation = { - 'alert_display_name': {'readonly': True}, - 'reported_severity': {'readonly': True}, - 'alerts_count': {'readonly': True}, - } - _attribute_map = { - 'alert_display_name': {'key': 'alertDisplayName', 'type': 'str'}, - 'reported_severity': {'key': 'reportedSeverity', 'type': 'str'}, - 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'order': {'key': 'order', 'type': 'int'}, + 'recommended_label_id': {'key': 'recommendedLabelId', 'type': 'str'}, + 'enabled': {'key': 'enabled', 'type': 'bool'}, + 'custom': {'key': 'custom', 'type': 'bool'}, + 'keywords': {'key': 'keywords', 'type': '[InformationProtectionKeyword]'}, } def __init__( self, **kwargs ): - super(IoTSecurityDeviceAlert, self).__init__(**kwargs) - self.alert_display_name = None - self.reported_severity = None - self.alerts_count = None + super(InformationType, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.description = kwargs.get('description', None) + self.order = kwargs.get('order', None) + self.recommended_label_id = kwargs.get('recommended_label_id', None) + self.enabled = kwargs.get('enabled', None) + self.custom = kwargs.get('custom', None) + self.keywords = kwargs.get('keywords', None) -class IoTSecurityDeviceRecommendation(msrest.serialization.Model): - """Statistical information about the number of recommendations per device, per recommendation type. +class IngestionConnectionString(msrest.serialization.Model): + """Connection string for ingesting security data and logs. Variables are only populated by the server, and will be ignored when sending a request. - :ivar recommendation_display_name: Display name of the recommendation. - :vartype recommendation_display_name: str - :ivar reported_severity: Assessed recommendation severity. Possible values include: - "Informational", "Low", "Medium", "High". - :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity - :ivar devices_count: Number of devices with this recommendation. - :vartype devices_count: long + :ivar location: The region where ingested logs and data resides. + :vartype location: str + :ivar value: Connection string value. + :vartype value: str """ _validation = { - 'recommendation_display_name': {'readonly': True}, - 'reported_severity': {'readonly': True}, - 'devices_count': {'readonly': True}, + 'location': {'readonly': True}, + 'value': {'readonly': True}, } _attribute_map = { - 'recommendation_display_name': {'key': 'recommendationDisplayName', 'type': 'str'}, - 'reported_severity': {'key': 'reportedSeverity', 'type': 'str'}, - 'devices_count': {'key': 'devicesCount', 'type': 'long'}, + 'location': {'key': 'location', 'type': 'str'}, + 'value': {'key': 'value', 'type': 'str'}, } def __init__( self, **kwargs ): - super(IoTSecurityDeviceRecommendation, self).__init__(**kwargs) - self.recommendation_display_name = None - self.reported_severity = None - self.devices_count = None + super(IngestionConnectionString, self).__init__(**kwargs) + self.location = None + self.value = None -class IoTSecuritySolutionAnalyticsModel(Resource): - """Security analytics of your IoT Security solution. +class IngestionSetting(Resource): + """Configures how to correlate scan data and logs with resources associated with the subscription. Variables are only populated by the server, and will be ignored when sending a request. @@ -5095,78 +5213,49 @@ class IoTSecuritySolutionAnalyticsModel(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :ivar metrics: Security analytics of your IoT Security solution. - :vartype metrics: ~azure.mgmt.security.models.IoTSeverityMetrics - :ivar unhealthy_device_count: Number of unhealthy devices within your IoT Security solution. - :vartype unhealthy_device_count: long - :ivar devices_metrics: List of device metrics by the aggregation date. - :vartype devices_metrics: - list[~azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem] - :param top_alerted_devices: List of the 3 devices with the most alerts. - :type top_alerted_devices: list[~azure.mgmt.security.models.IoTSecurityAlertedDevice] - :param most_prevalent_device_alerts: List of the 3 most prevalent device alerts. - :type most_prevalent_device_alerts: list[~azure.mgmt.security.models.IoTSecurityDeviceAlert] - :param most_prevalent_device_recommendations: List of the 3 most prevalent device - recommendations. - :type most_prevalent_device_recommendations: - list[~azure.mgmt.security.models.IoTSecurityDeviceRecommendation] + :param properties: Ingestion setting data. + :type properties: any """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'metrics': {'readonly': True}, - 'unhealthy_device_count': {'readonly': True}, - 'devices_metrics': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'metrics': {'key': 'properties.metrics', 'type': 'IoTSeverityMetrics'}, - 'unhealthy_device_count': {'key': 'properties.unhealthyDeviceCount', 'type': 'long'}, - 'devices_metrics': {'key': 'properties.devicesMetrics', 'type': '[IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem]'}, - 'top_alerted_devices': {'key': 'properties.topAlertedDevices', 'type': '[IoTSecurityAlertedDevice]'}, - 'most_prevalent_device_alerts': {'key': 'properties.mostPrevalentDeviceAlerts', 'type': '[IoTSecurityDeviceAlert]'}, - 'most_prevalent_device_recommendations': {'key': 'properties.mostPrevalentDeviceRecommendations', 'type': '[IoTSecurityDeviceRecommendation]'}, + 'properties': {'key': 'properties', 'type': 'object'}, } def __init__( self, **kwargs ): - super(IoTSecuritySolutionAnalyticsModel, self).__init__(**kwargs) - self.metrics = None - self.unhealthy_device_count = None - self.devices_metrics = None - self.top_alerted_devices = kwargs.get('top_alerted_devices', None) - self.most_prevalent_device_alerts = kwargs.get('most_prevalent_device_alerts', None) - self.most_prevalent_device_recommendations = kwargs.get('most_prevalent_device_recommendations', None) + super(IngestionSetting, self).__init__(**kwargs) + self.properties = kwargs.get('properties', None) -class IoTSecuritySolutionAnalyticsModelList(msrest.serialization.Model): - """List of Security analytics of your IoT Security solution. +class IngestionSettingList(msrest.serialization.Model): + """List of ingestion settings. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :param value: Required. List of Security analytics of your IoT Security solution. - :type value: list[~azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModel] - :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next - page. + :ivar value: List of ingestion settings. + :vartype value: list[~azure.mgmt.security.models.IngestionSetting] + :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ _validation = { - 'value': {'required': True}, + 'value': {'readonly': True}, 'next_link': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[IoTSecuritySolutionAnalyticsModel]'}, + 'value': {'key': 'value', 'type': '[IngestionSetting]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -5174,36 +5263,58 @@ def __init__( self, **kwargs ): - super(IoTSecuritySolutionAnalyticsModelList, self).__init__(**kwargs) - self.value = kwargs['value'] + super(IngestionSettingList, self).__init__(**kwargs) + self.value = None self.next_link = None -class IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem(msrest.serialization.Model): - """IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem. +class IngestionSettingToken(msrest.serialization.Model): + """Configures how to correlate scan data and logs with resources associated with the subscription. - :param date: Aggregation of IoT Security solution device alert metrics by date. - :type date: ~datetime.datetime - :param devices_metrics: Device alert count by severity. - :type devices_metrics: ~azure.mgmt.security.models.IoTSeverityMetrics + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar token: The token is used for correlating security data and logs with the resources in the + subscription. + :vartype token: str """ - _attribute_map = { - 'date': {'key': 'date', 'type': 'iso-8601'}, - 'devices_metrics': {'key': 'devicesMetrics', 'type': 'IoTSeverityMetrics'}, + _validation = { + 'token': {'readonly': True}, + } + + _attribute_map = { + 'token': {'key': 'token', 'type': 'str'}, } def __init__( self, **kwargs ): - super(IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem, self).__init__(**kwargs) - self.date = kwargs.get('date', None) - self.devices_metrics = kwargs.get('devices_metrics', None) + super(IngestionSettingToken, self).__init__(**kwargs) + self.token = None -class IoTSecuritySolutionModel(Resource, TagsResource): - """IoT Security solution configuration and resource information. +class TagsResource(msrest.serialization.Model): + """A container holding only the Tags for a resource, allowing the user to update the tags. + + :param tags: A set of tags. Resource tags. + :type tags: dict[str, str] + """ + + _attribute_map = { + 'tags': {'key': 'tags', 'type': '{str}'}, + } + + def __init__( + self, + **kwargs + ): + super(TagsResource, self).__init__(**kwargs) + self.tags = kwargs.get('tags', None) + + +class IoTSecurityAggregatedAlert(Resource, TagsResource): + """Security Solution Aggregated Alert information. Variables are only populated by the server, and will be ignored when sending a request. @@ -5215,48 +5326,54 @@ class IoTSecuritySolutionModel(Resource, TagsResource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param location: The resource location. - :type location: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.security.models.SystemData - :param workspace: Workspace resource ID. - :type workspace: str - :param display_name: Resource display name. - :type display_name: str - :param status: Status of the IoT Security solution. Possible values include: "Enabled", - "Disabled". Default value: "Enabled". - :type status: str or ~azure.mgmt.security.models.SecuritySolutionStatus - :param export: List of additional options for exporting to workspace data. - :type export: list[str or ~azure.mgmt.security.models.ExportData] - :param disabled_data_sources: Disabled data sources. Disabling these data sources compromises - the system. - :type disabled_data_sources: list[str or ~azure.mgmt.security.models.DataSource] - :param iot_hubs: IoT Hub resource IDs. - :type iot_hubs: list[str] - :param user_defined_resources: Properties of the IoT Security solution's user defined - resources. - :type user_defined_resources: ~azure.mgmt.security.models.UserDefinedResourcesProperties - :ivar auto_discovered_resources: List of resources that were automatically discovered as - relevant to the security solution. - :vartype auto_discovered_resources: list[str] - :param recommendations_configuration: List of the configuration status for each recommendation - type. - :type recommendations_configuration: - list[~azure.mgmt.security.models.RecommendationConfigurationProperties] - :param unmasked_ip_logging_status: Unmasked IP address logging status. Possible values include: - "Disabled", "Enabled". Default value: "Disabled". - :type unmasked_ip_logging_status: str or ~azure.mgmt.security.models.UnmaskedIpLoggingStatus - :param additional_workspaces: List of additional workspaces. - :type additional_workspaces: list[~azure.mgmt.security.models.AdditionalWorkspacesProperties] + :ivar alert_type: Name of the alert type. + :vartype alert_type: str + :ivar alert_display_name: Display name of the alert type. + :vartype alert_display_name: str + :ivar aggregated_date_utc: Date of detection. + :vartype aggregated_date_utc: ~datetime.date + :ivar vendor_name: Name of the organization that raised the alert. + :vartype vendor_name: str + :ivar reported_severity: Assessed alert severity. Possible values include: "Informational", + "Low", "Medium", "High". + :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity + :ivar remediation_steps: Recommended steps for remediation. + :vartype remediation_steps: str + :ivar description: Description of the suspected vulnerability and meaning. + :vartype description: str + :ivar count: Number of alerts occurrences within the aggregated time window. + :vartype count: long + :ivar effected_resource_type: Azure resource ID of the resource that received the alerts. + :vartype effected_resource_type: str + :ivar system_source: The type of the alerted resource (Azure, Non-Azure). + :vartype system_source: str + :ivar action_taken: IoT Security solution alert response. + :vartype action_taken: str + :ivar log_analytics_query: Log analytics query for getting the list of affected devices/alerts. + :vartype log_analytics_query: str + :ivar top_devices_list: 10 devices with the highest number of occurrences of this alert type, + on this day. + :vartype top_devices_list: + list[~azure.mgmt.security.models.IoTSecurityAggregatedAlertPropertiesTopDevicesListItem] """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'system_data': {'readonly': True}, - 'auto_discovered_resources': {'readonly': True}, + 'alert_type': {'readonly': True}, + 'alert_display_name': {'readonly': True}, + 'aggregated_date_utc': {'readonly': True}, + 'vendor_name': {'readonly': True}, + 'reported_severity': {'readonly': True}, + 'remediation_steps': {'readonly': True}, + 'description': {'readonly': True}, + 'count': {'readonly': True}, + 'effected_resource_type': {'readonly': True}, + 'system_source': {'readonly': True}, + 'action_taken': {'readonly': True}, + 'log_analytics_query': {'readonly': True}, + 'top_devices_list': {'readonly': True}, } _attribute_map = { @@ -5264,68 +5381,69 @@ class IoTSecuritySolutionModel(Resource, TagsResource): 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'location': {'key': 'location', 'type': 'str'}, - 'system_data': {'key': 'systemData', 'type': 'SystemData'}, - 'workspace': {'key': 'properties.workspace', 'type': 'str'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'status': {'key': 'properties.status', 'type': 'str'}, - 'export': {'key': 'properties.export', 'type': '[str]'}, - 'disabled_data_sources': {'key': 'properties.disabledDataSources', 'type': '[str]'}, - 'iot_hubs': {'key': 'properties.iotHubs', 'type': '[str]'}, - 'user_defined_resources': {'key': 'properties.userDefinedResources', 'type': 'UserDefinedResourcesProperties'}, - 'auto_discovered_resources': {'key': 'properties.autoDiscoveredResources', 'type': '[str]'}, - 'recommendations_configuration': {'key': 'properties.recommendationsConfiguration', 'type': '[RecommendationConfigurationProperties]'}, - 'unmasked_ip_logging_status': {'key': 'properties.unmaskedIpLoggingStatus', 'type': 'str'}, - 'additional_workspaces': {'key': 'properties.additionalWorkspaces', 'type': '[AdditionalWorkspacesProperties]'}, + 'alert_type': {'key': 'properties.alertType', 'type': 'str'}, + 'alert_display_name': {'key': 'properties.alertDisplayName', 'type': 'str'}, + 'aggregated_date_utc': {'key': 'properties.aggregatedDateUtc', 'type': 'date'}, + 'vendor_name': {'key': 'properties.vendorName', 'type': 'str'}, + 'reported_severity': {'key': 'properties.reportedSeverity', 'type': 'str'}, + 'remediation_steps': {'key': 'properties.remediationSteps', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'count': {'key': 'properties.count', 'type': 'long'}, + 'effected_resource_type': {'key': 'properties.effectedResourceType', 'type': 'str'}, + 'system_source': {'key': 'properties.systemSource', 'type': 'str'}, + 'action_taken': {'key': 'properties.actionTaken', 'type': 'str'}, + 'log_analytics_query': {'key': 'properties.logAnalyticsQuery', 'type': 'str'}, + 'top_devices_list': {'key': 'properties.topDevicesList', 'type': '[IoTSecurityAggregatedAlertPropertiesTopDevicesListItem]'}, } def __init__( self, **kwargs ): - super(IoTSecuritySolutionModel, self).__init__(**kwargs) + super(IoTSecurityAggregatedAlert, self).__init__(**kwargs) self.tags = kwargs.get('tags', None) - self.location = kwargs.get('location', None) - self.system_data = None - self.workspace = kwargs.get('workspace', None) - self.display_name = kwargs.get('display_name', None) - self.status = kwargs.get('status', "Enabled") - self.export = kwargs.get('export', None) - self.disabled_data_sources = kwargs.get('disabled_data_sources', None) - self.iot_hubs = kwargs.get('iot_hubs', None) - self.user_defined_resources = kwargs.get('user_defined_resources', None) - self.auto_discovered_resources = None - self.recommendations_configuration = kwargs.get('recommendations_configuration', None) - self.unmasked_ip_logging_status = kwargs.get('unmasked_ip_logging_status', "Disabled") - self.additional_workspaces = kwargs.get('additional_workspaces', None) + self.alert_type = None + self.alert_display_name = None + self.aggregated_date_utc = None + self.vendor_name = None + self.reported_severity = None + self.remediation_steps = None + self.description = None + self.count = None + self.effected_resource_type = None + self.system_source = None + self.action_taken = None + self.log_analytics_query = None + self.top_devices_list = None self.id = None self.name = None self.type = None - self.location = kwargs.get('location', None) - self.system_data = None - self.workspace = kwargs.get('workspace', None) - self.display_name = kwargs.get('display_name', None) - self.status = kwargs.get('status', "Enabled") - self.export = kwargs.get('export', None) - self.disabled_data_sources = kwargs.get('disabled_data_sources', None) - self.iot_hubs = kwargs.get('iot_hubs', None) - self.user_defined_resources = kwargs.get('user_defined_resources', None) - self.auto_discovered_resources = None - self.recommendations_configuration = kwargs.get('recommendations_configuration', None) - self.unmasked_ip_logging_status = kwargs.get('unmasked_ip_logging_status', "Disabled") - self.additional_workspaces = kwargs.get('additional_workspaces', None) + self.alert_type = None + self.alert_display_name = None + self.aggregated_date_utc = None + self.vendor_name = None + self.reported_severity = None + self.remediation_steps = None + self.description = None + self.count = None + self.effected_resource_type = None + self.system_source = None + self.action_taken = None + self.log_analytics_query = None + self.top_devices_list = None -class IoTSecuritySolutionsList(msrest.serialization.Model): - """List of IoT Security solutions. +class IoTSecurityAggregatedAlertList(msrest.serialization.Model): + """List of IoT Security solution aggregated alert data. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param value: Required. List of IoT Security solutions. - :type value: list[~azure.mgmt.security.models.IoTSecuritySolutionModel] - :ivar next_link: The URI to fetch the next page. + :param value: Required. List of aggregated alerts data. + :type value: list[~azure.mgmt.security.models.IoTSecurityAggregatedAlert] + :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next + page. :vartype next_link: str """ @@ -5335,7 +5453,7 @@ class IoTSecuritySolutionsList(msrest.serialization.Model): } _attribute_map = { - 'value': {'key': 'value', 'type': '[IoTSecuritySolutionModel]'}, + 'value': {'key': 'value', 'type': '[IoTSecurityAggregatedAlert]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -5343,1037 +5461,978 @@ def __init__( self, **kwargs ): - super(IoTSecuritySolutionsList, self).__init__(**kwargs) + super(IoTSecurityAggregatedAlertList, self).__init__(**kwargs) self.value = kwargs['value'] self.next_link = None -class IoTSeverityMetrics(msrest.serialization.Model): - """IoT Security solution analytics severity metrics. +class IoTSecurityAggregatedAlertPropertiesTopDevicesListItem(msrest.serialization.Model): + """IoTSecurityAggregatedAlertPropertiesTopDevicesListItem. - :param high: Count of high severity alerts/recommendations. - :type high: long - :param medium: Count of medium severity alerts/recommendations. - :type medium: long - :param low: Count of low severity alerts/recommendations. - :type low: long + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar device_id: Name of the device. + :vartype device_id: str + :ivar alerts_count: Number of alerts raised for this device. + :vartype alerts_count: long + :ivar last_occurrence: Most recent time this alert was raised for this device, on this day. + :vartype last_occurrence: str """ + _validation = { + 'device_id': {'readonly': True}, + 'alerts_count': {'readonly': True}, + 'last_occurrence': {'readonly': True}, + } + _attribute_map = { - 'high': {'key': 'high', 'type': 'long'}, - 'medium': {'key': 'medium', 'type': 'long'}, - 'low': {'key': 'low', 'type': 'long'}, + 'device_id': {'key': 'deviceId', 'type': 'str'}, + 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, + 'last_occurrence': {'key': 'lastOccurrence', 'type': 'str'}, } def __init__( self, **kwargs ): - super(IoTSeverityMetrics, self).__init__(**kwargs) - self.high = kwargs.get('high', None) - self.medium = kwargs.get('medium', None) - self.low = kwargs.get('low', None) + super(IoTSecurityAggregatedAlertPropertiesTopDevicesListItem, self).__init__(**kwargs) + self.device_id = None + self.alerts_count = None + self.last_occurrence = None -class JitNetworkAccessPoliciesList(msrest.serialization.Model): - """JitNetworkAccessPoliciesList. +class IoTSecurityAggregatedRecommendation(Resource, TagsResource): + """IoT Security solution recommendation information. Variables are only populated by the server, and will be ignored when sending a request. - :param value: - :type value: list[~azure.mgmt.security.models.JitNetworkAccessPolicy] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str - """ - - _validation = { - 'next_link': {'readonly': True}, - } - - _attribute_map = { - 'value': {'key': 'value', 'type': '[JitNetworkAccessPolicy]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, - } - - def __init__( - self, - **kwargs - ): - super(JitNetworkAccessPoliciesList, self).__init__(**kwargs) - self.value = kwargs.get('value', None) - self.next_link = None - - -class JitNetworkAccessPolicy(Resource, Kind, Location): - """JitNetworkAccessPolicy. - - Variables are only populated by the server, and will be ignored when sending a request. - - All required parameters must be populated in order to send to Azure. - - :ivar location: Location where the resource is stored. - :vartype location: str - :param kind: Kind of the resource. - :type kind: str + :param tags: A set of tags. Resource tags. + :type tags: dict[str, str] :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param virtual_machines: Required. Configurations for Microsoft.Compute/virtualMachines - resource type. - :type virtual_machines: list[~azure.mgmt.security.models.JitNetworkAccessPolicyVirtualMachine] - :param requests: - :type requests: list[~azure.mgmt.security.models.JitNetworkAccessRequest] - :ivar provisioning_state: Gets the provisioning state of the Just-in-Time policy. - :vartype provisioning_state: str + :param recommendation_name: Name of the recommendation. + :type recommendation_name: str + :ivar recommendation_display_name: Display name of the recommendation type. + :vartype recommendation_display_name: str + :ivar description: Description of the suspected vulnerability and meaning. + :vartype description: str + :ivar recommendation_type_id: Recommendation-type GUID. + :vartype recommendation_type_id: str + :ivar detected_by: Name of the organization that made the recommendation. + :vartype detected_by: str + :ivar remediation_steps: Recommended steps for remediation. + :vartype remediation_steps: str + :ivar reported_severity: Assessed recommendation severity. Possible values include: + "Informational", "Low", "Medium", "High". + :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity + :ivar healthy_devices: Number of healthy devices within the IoT Security solution. + :vartype healthy_devices: long + :ivar unhealthy_device_count: Number of unhealthy devices within the IoT Security solution. + :vartype unhealthy_device_count: long + :ivar log_analytics_query: Log analytics query for getting the list of affected devices/alerts. + :vartype log_analytics_query: str """ _validation = { - 'location': {'readonly': True}, 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'virtual_machines': {'required': True}, - 'provisioning_state': {'readonly': True}, + 'recommendation_display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'recommendation_type_id': {'readonly': True}, + 'detected_by': {'readonly': True}, + 'remediation_steps': {'readonly': True}, + 'reported_severity': {'readonly': True}, + 'healthy_devices': {'readonly': True}, + 'unhealthy_device_count': {'readonly': True}, + 'log_analytics_query': {'readonly': True}, } _attribute_map = { - 'location': {'key': 'location', 'type': 'str'}, - 'kind': {'key': 'kind', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'virtual_machines': {'key': 'properties.virtualMachines', 'type': '[JitNetworkAccessPolicyVirtualMachine]'}, - 'requests': {'key': 'properties.requests', 'type': '[JitNetworkAccessRequest]'}, - 'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'}, + 'recommendation_name': {'key': 'properties.recommendationName', 'type': 'str'}, + 'recommendation_display_name': {'key': 'properties.recommendationDisplayName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'recommendation_type_id': {'key': 'properties.recommendationTypeId', 'type': 'str'}, + 'detected_by': {'key': 'properties.detectedBy', 'type': 'str'}, + 'remediation_steps': {'key': 'properties.remediationSteps', 'type': 'str'}, + 'reported_severity': {'key': 'properties.reportedSeverity', 'type': 'str'}, + 'healthy_devices': {'key': 'properties.healthyDevices', 'type': 'long'}, + 'unhealthy_device_count': {'key': 'properties.unhealthyDeviceCount', 'type': 'long'}, + 'log_analytics_query': {'key': 'properties.logAnalyticsQuery', 'type': 'str'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPolicy, self).__init__(**kwargs) - self.location = None - self.kind = kwargs.get('kind', None) - self.virtual_machines = kwargs['virtual_machines'] - self.requests = kwargs.get('requests', None) - self.provisioning_state = None - self.location = None - self.id = None - self.name = None - self.type = None - self.virtual_machines = kwargs['virtual_machines'] - self.requests = kwargs.get('requests', None) - self.provisioning_state = None - self.kind = kwargs.get('kind', None) + super(IoTSecurityAggregatedRecommendation, self).__init__(**kwargs) + self.tags = kwargs.get('tags', None) + self.recommendation_name = kwargs.get('recommendation_name', None) + self.recommendation_display_name = None + self.description = None + self.recommendation_type_id = None + self.detected_by = None + self.remediation_steps = None + self.reported_severity = None + self.healthy_devices = None + self.unhealthy_device_count = None + self.log_analytics_query = None self.id = None self.name = None self.type = None - self.virtual_machines = kwargs['virtual_machines'] - self.requests = kwargs.get('requests', None) - self.provisioning_state = None + self.recommendation_name = kwargs.get('recommendation_name', None) + self.recommendation_display_name = None + self.description = None + self.recommendation_type_id = None + self.detected_by = None + self.remediation_steps = None + self.reported_severity = None + self.healthy_devices = None + self.unhealthy_device_count = None + self.log_analytics_query = None -class JitNetworkAccessPolicyInitiatePort(msrest.serialization.Model): - """JitNetworkAccessPolicyInitiatePort. +class IoTSecurityAggregatedRecommendationList(msrest.serialization.Model): + """List of IoT Security solution aggregated recommendations. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param number: Required. - :type number: int - :param allowed_source_address_prefix: Source of the allowed traffic. If omitted, the request - will be for the source IP address of the initiate request. - :type allowed_source_address_prefix: str - :param end_time_utc: Required. The time to close the request in UTC. - :type end_time_utc: ~datetime.datetime + :param value: Required. List of aggregated recommendations data. + :type value: list[~azure.mgmt.security.models.IoTSecurityAggregatedRecommendation] + :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next + page. + :vartype next_link: str """ _validation = { - 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, - 'end_time_utc': {'required': True}, + 'value': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'number': {'key': 'number', 'type': 'int'}, - 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, - 'end_time_utc': {'key': 'endTimeUtc', 'type': 'iso-8601'}, + 'value': {'key': 'value', 'type': '[IoTSecurityAggregatedRecommendation]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPolicyInitiatePort, self).__init__(**kwargs) - self.number = kwargs['number'] - self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) - self.end_time_utc = kwargs['end_time_utc'] + super(IoTSecurityAggregatedRecommendationList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None -class JitNetworkAccessPolicyInitiateRequest(msrest.serialization.Model): - """JitNetworkAccessPolicyInitiateRequest. +class IoTSecurityAlertedDevice(msrest.serialization.Model): + """Statistical information about the number of alerts per device during last set number of days. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param virtual_machines: Required. A list of virtual machines & ports to open access for. - :type virtual_machines: - list[~azure.mgmt.security.models.JitNetworkAccessPolicyInitiateVirtualMachine] - :param justification: The justification for making the initiate request. - :type justification: str + :ivar device_id: Device identifier. + :vartype device_id: str + :ivar alerts_count: Number of alerts raised for this device. + :vartype alerts_count: long """ _validation = { - 'virtual_machines': {'required': True}, + 'device_id': {'readonly': True}, + 'alerts_count': {'readonly': True}, } _attribute_map = { - 'virtual_machines': {'key': 'virtualMachines', 'type': '[JitNetworkAccessPolicyInitiateVirtualMachine]'}, - 'justification': {'key': 'justification', 'type': 'str'}, + 'device_id': {'key': 'deviceId', 'type': 'str'}, + 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPolicyInitiateRequest, self).__init__(**kwargs) - self.virtual_machines = kwargs['virtual_machines'] - self.justification = kwargs.get('justification', None) + super(IoTSecurityAlertedDevice, self).__init__(**kwargs) + self.device_id = None + self.alerts_count = None -class JitNetworkAccessPolicyInitiateVirtualMachine(msrest.serialization.Model): - """JitNetworkAccessPolicyInitiateVirtualMachine. +class IoTSecurityDeviceAlert(msrest.serialization.Model): + """Statistical information about the number of alerts per alert type during last set number of days. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param id: Required. Resource ID of the virtual machine that is linked to this policy. - :type id: str - :param ports: Required. The ports to open for the resource with the ``id``. - :type ports: list[~azure.mgmt.security.models.JitNetworkAccessPolicyInitiatePort] + :ivar alert_display_name: Display name of the alert. + :vartype alert_display_name: str + :ivar reported_severity: Assessed Alert severity. Possible values include: "Informational", + "Low", "Medium", "High". + :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity + :ivar alerts_count: Number of alerts raised for this alert type. + :vartype alerts_count: long """ _validation = { - 'id': {'required': True}, - 'ports': {'required': True}, + 'alert_display_name': {'readonly': True}, + 'reported_severity': {'readonly': True}, + 'alerts_count': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'ports': {'key': 'ports', 'type': '[JitNetworkAccessPolicyInitiatePort]'}, + 'alert_display_name': {'key': 'alertDisplayName', 'type': 'str'}, + 'reported_severity': {'key': 'reportedSeverity', 'type': 'str'}, + 'alerts_count': {'key': 'alertsCount', 'type': 'long'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPolicyInitiateVirtualMachine, self).__init__(**kwargs) - self.id = kwargs['id'] - self.ports = kwargs['ports'] + super(IoTSecurityDeviceAlert, self).__init__(**kwargs) + self.alert_display_name = None + self.reported_severity = None + self.alerts_count = None -class JitNetworkAccessPolicyVirtualMachine(msrest.serialization.Model): - """JitNetworkAccessPolicyVirtualMachine. +class IoTSecurityDeviceRecommendation(msrest.serialization.Model): + """Statistical information about the number of recommendations per device, per recommendation type. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param id: Required. Resource ID of the virtual machine that is linked to this policy. - :type id: str - :param ports: Required. Port configurations for the virtual machine. - :type ports: list[~azure.mgmt.security.models.JitNetworkAccessPortRule] - :param public_ip_address: Public IP address of the Azure Firewall that is linked to this - policy, if applicable. - :type public_ip_address: str + :ivar recommendation_display_name: Display name of the recommendation. + :vartype recommendation_display_name: str + :ivar reported_severity: Assessed recommendation severity. Possible values include: + "Informational", "Low", "Medium", "High". + :vartype reported_severity: str or ~azure.mgmt.security.models.ReportedSeverity + :ivar devices_count: Number of devices with this recommendation. + :vartype devices_count: long """ _validation = { - 'id': {'required': True}, - 'ports': {'required': True}, + 'recommendation_display_name': {'readonly': True}, + 'reported_severity': {'readonly': True}, + 'devices_count': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'ports': {'key': 'ports', 'type': '[JitNetworkAccessPortRule]'}, - 'public_ip_address': {'key': 'publicIpAddress', 'type': 'str'}, + 'recommendation_display_name': {'key': 'recommendationDisplayName', 'type': 'str'}, + 'reported_severity': {'key': 'reportedSeverity', 'type': 'str'}, + 'devices_count': {'key': 'devicesCount', 'type': 'long'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPolicyVirtualMachine, self).__init__(**kwargs) - self.id = kwargs['id'] - self.ports = kwargs['ports'] - self.public_ip_address = kwargs.get('public_ip_address', None) + super(IoTSecurityDeviceRecommendation, self).__init__(**kwargs) + self.recommendation_display_name = None + self.reported_severity = None + self.devices_count = None -class JitNetworkAccessPortRule(msrest.serialization.Model): - """JitNetworkAccessPortRule. +class IoTSecuritySolutionAnalyticsModel(Resource): + """Security analytics of your IoT Security solution. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param number: Required. - :type number: int - :param protocol: Required. Possible values include: "TCP", "UDP", "*". - :type protocol: str or ~azure.mgmt.security.models.ProtocolEnum - :param allowed_source_address_prefix: Mutually exclusive with the - "allowedSourceAddressPrefixes" parameter. Should be an IP address or CIDR, for example - "192.168.0.3" or "192.168.0.0/16". - :type allowed_source_address_prefix: str - :param allowed_source_address_prefixes: Mutually exclusive with the - "allowedSourceAddressPrefix" parameter. - :type allowed_source_address_prefixes: list[str] - :param max_request_access_duration: Required. Maximum duration requests can be made for. In ISO - 8601 duration format. Minimum 5 minutes, maximum 1 day. - :type max_request_access_duration: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar metrics: Security analytics of your IoT Security solution. + :vartype metrics: ~azure.mgmt.security.models.IoTSeverityMetrics + :ivar unhealthy_device_count: Number of unhealthy devices within your IoT Security solution. + :vartype unhealthy_device_count: long + :ivar devices_metrics: List of device metrics by the aggregation date. + :vartype devices_metrics: + list[~azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem] + :param top_alerted_devices: List of the 3 devices with the most alerts. + :type top_alerted_devices: list[~azure.mgmt.security.models.IoTSecurityAlertedDevice] + :param most_prevalent_device_alerts: List of the 3 most prevalent device alerts. + :type most_prevalent_device_alerts: list[~azure.mgmt.security.models.IoTSecurityDeviceAlert] + :param most_prevalent_device_recommendations: List of the 3 most prevalent device + recommendations. + :type most_prevalent_device_recommendations: + list[~azure.mgmt.security.models.IoTSecurityDeviceRecommendation] """ _validation = { - 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, - 'protocol': {'required': True}, - 'max_request_access_duration': {'required': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'metrics': {'readonly': True}, + 'unhealthy_device_count': {'readonly': True}, + 'devices_metrics': {'readonly': True}, } _attribute_map = { - 'number': {'key': 'number', 'type': 'int'}, - 'protocol': {'key': 'protocol', 'type': 'str'}, - 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, - 'allowed_source_address_prefixes': {'key': 'allowedSourceAddressPrefixes', 'type': '[str]'}, - 'max_request_access_duration': {'key': 'maxRequestAccessDuration', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'metrics': {'key': 'properties.metrics', 'type': 'IoTSeverityMetrics'}, + 'unhealthy_device_count': {'key': 'properties.unhealthyDeviceCount', 'type': 'long'}, + 'devices_metrics': {'key': 'properties.devicesMetrics', 'type': '[IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem]'}, + 'top_alerted_devices': {'key': 'properties.topAlertedDevices', 'type': '[IoTSecurityAlertedDevice]'}, + 'most_prevalent_device_alerts': {'key': 'properties.mostPrevalentDeviceAlerts', 'type': '[IoTSecurityDeviceAlert]'}, + 'most_prevalent_device_recommendations': {'key': 'properties.mostPrevalentDeviceRecommendations', 'type': '[IoTSecurityDeviceRecommendation]'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessPortRule, self).__init__(**kwargs) - self.number = kwargs['number'] - self.protocol = kwargs['protocol'] - self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) - self.allowed_source_address_prefixes = kwargs.get('allowed_source_address_prefixes', None) - self.max_request_access_duration = kwargs['max_request_access_duration'] + super(IoTSecuritySolutionAnalyticsModel, self).__init__(**kwargs) + self.metrics = None + self.unhealthy_device_count = None + self.devices_metrics = None + self.top_alerted_devices = kwargs.get('top_alerted_devices', None) + self.most_prevalent_device_alerts = kwargs.get('most_prevalent_device_alerts', None) + self.most_prevalent_device_recommendations = kwargs.get('most_prevalent_device_recommendations', None) -class JitNetworkAccessRequest(msrest.serialization.Model): - """JitNetworkAccessRequest. +class IoTSecuritySolutionAnalyticsModelList(msrest.serialization.Model): + """List of Security analytics of your IoT Security solution. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param virtual_machines: Required. - :type virtual_machines: list[~azure.mgmt.security.models.JitNetworkAccessRequestVirtualMachine] - :param start_time_utc: Required. The start time of the request in UTC. - :type start_time_utc: ~datetime.datetime - :param requestor: Required. The identity of the person who made the request. - :type requestor: str - :param justification: The justification for making the initiate request. - :type justification: str + :param value: Required. List of Security analytics of your IoT Security solution. + :type value: list[~azure.mgmt.security.models.IoTSecuritySolutionAnalyticsModel] + :ivar next_link: When there is too much alert data for one page, use this URI to fetch the next + page. + :vartype next_link: str """ _validation = { - 'virtual_machines': {'required': True}, - 'start_time_utc': {'required': True}, - 'requestor': {'required': True}, + 'value': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'virtual_machines': {'key': 'virtualMachines', 'type': '[JitNetworkAccessRequestVirtualMachine]'}, - 'start_time_utc': {'key': 'startTimeUtc', 'type': 'iso-8601'}, - 'requestor': {'key': 'requestor', 'type': 'str'}, - 'justification': {'key': 'justification', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[IoTSecuritySolutionAnalyticsModel]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessRequest, self).__init__(**kwargs) - self.virtual_machines = kwargs['virtual_machines'] - self.start_time_utc = kwargs['start_time_utc'] - self.requestor = kwargs['requestor'] - self.justification = kwargs.get('justification', None) - + super(IoTSecuritySolutionAnalyticsModelList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None -class JitNetworkAccessRequestPort(msrest.serialization.Model): - """JitNetworkAccessRequestPort. - All required parameters must be populated in order to send to Azure. +class IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem(msrest.serialization.Model): + """IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem. - :param number: Required. - :type number: int - :param allowed_source_address_prefix: Mutually exclusive with the - "allowedSourceAddressPrefixes" parameter. Should be an IP address or CIDR, for example - "192.168.0.3" or "192.168.0.0/16". - :type allowed_source_address_prefix: str - :param allowed_source_address_prefixes: Mutually exclusive with the - "allowedSourceAddressPrefix" parameter. - :type allowed_source_address_prefixes: list[str] - :param end_time_utc: Required. The date & time at which the request ends in UTC. - :type end_time_utc: ~datetime.datetime - :param status: Required. The status of the port. Possible values include: "Revoked", - "Initiated". - :type status: str or ~azure.mgmt.security.models.Status - :param status_reason: Required. A description of why the ``status`` has its value. Possible - values include: "Expired", "UserRequested", "NewerRequestInitiated". - :type status_reason: str or ~azure.mgmt.security.models.StatusReason - :param mapped_port: The port which is mapped to this port's ``number`` in the Azure Firewall, - if applicable. - :type mapped_port: int + :param date: Aggregation of IoT Security solution device alert metrics by date. + :type date: ~datetime.datetime + :param devices_metrics: Device alert count by severity. + :type devices_metrics: ~azure.mgmt.security.models.IoTSeverityMetrics """ - _validation = { - 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, - 'end_time_utc': {'required': True}, - 'status': {'required': True}, - 'status_reason': {'required': True}, - } - _attribute_map = { - 'number': {'key': 'number', 'type': 'int'}, - 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, - 'allowed_source_address_prefixes': {'key': 'allowedSourceAddressPrefixes', 'type': '[str]'}, - 'end_time_utc': {'key': 'endTimeUtc', 'type': 'iso-8601'}, - 'status': {'key': 'status', 'type': 'str'}, - 'status_reason': {'key': 'statusReason', 'type': 'str'}, - 'mapped_port': {'key': 'mappedPort', 'type': 'int'}, + 'date': {'key': 'date', 'type': 'iso-8601'}, + 'devices_metrics': {'key': 'devicesMetrics', 'type': 'IoTSeverityMetrics'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessRequestPort, self).__init__(**kwargs) - self.number = kwargs['number'] - self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) - self.allowed_source_address_prefixes = kwargs.get('allowed_source_address_prefixes', None) - self.end_time_utc = kwargs['end_time_utc'] - self.status = kwargs['status'] - self.status_reason = kwargs['status_reason'] - self.mapped_port = kwargs.get('mapped_port', None) + super(IoTSecuritySolutionAnalyticsModelPropertiesDevicesMetricsItem, self).__init__(**kwargs) + self.date = kwargs.get('date', None) + self.devices_metrics = kwargs.get('devices_metrics', None) -class JitNetworkAccessRequestVirtualMachine(msrest.serialization.Model): - """JitNetworkAccessRequestVirtualMachine. +class IoTSecuritySolutionModel(Resource, TagsResource): + """IoT Security solution configuration and resource information. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param id: Required. Resource ID of the virtual machine that is linked to this policy. - :type id: str - :param ports: Required. The ports that were opened for the virtual machine. - :type ports: list[~azure.mgmt.security.models.JitNetworkAccessRequestPort] + :param tags: A set of tags. Resource tags. + :type tags: dict[str, str] + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param location: The resource location. + :type location: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param workspace: Workspace resource ID. + :type workspace: str + :param display_name: Resource display name. + :type display_name: str + :param status: Status of the IoT Security solution. Possible values include: "Enabled", + "Disabled". Default value: "Enabled". + :type status: str or ~azure.mgmt.security.models.SecuritySolutionStatus + :param export: List of additional options for exporting to workspace data. + :type export: list[str or ~azure.mgmt.security.models.ExportData] + :param disabled_data_sources: Disabled data sources. Disabling these data sources compromises + the system. + :type disabled_data_sources: list[str or ~azure.mgmt.security.models.DataSource] + :param iot_hubs: IoT Hub resource IDs. + :type iot_hubs: list[str] + :param user_defined_resources: Properties of the IoT Security solution's user defined + resources. + :type user_defined_resources: ~azure.mgmt.security.models.UserDefinedResourcesProperties + :ivar auto_discovered_resources: List of resources that were automatically discovered as + relevant to the security solution. + :vartype auto_discovered_resources: list[str] + :param recommendations_configuration: List of the configuration status for each recommendation + type. + :type recommendations_configuration: + list[~azure.mgmt.security.models.RecommendationConfigurationProperties] + :param unmasked_ip_logging_status: Unmasked IP address logging status. Possible values include: + "Disabled", "Enabled". Default value: "Disabled". + :type unmasked_ip_logging_status: str or ~azure.mgmt.security.models.UnmaskedIpLoggingStatus + :param additional_workspaces: List of additional workspaces. + :type additional_workspaces: list[~azure.mgmt.security.models.AdditionalWorkspacesProperties] """ _validation = { - 'id': {'required': True}, - 'ports': {'required': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'system_data': {'readonly': True}, + 'auto_discovered_resources': {'readonly': True}, } _attribute_map = { + 'tags': {'key': 'tags', 'type': '{str}'}, 'id': {'key': 'id', 'type': 'str'}, - 'ports': {'key': 'ports', 'type': '[JitNetworkAccessRequestPort]'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'workspace': {'key': 'properties.workspace', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'status': {'key': 'properties.status', 'type': 'str'}, + 'export': {'key': 'properties.export', 'type': '[str]'}, + 'disabled_data_sources': {'key': 'properties.disabledDataSources', 'type': '[str]'}, + 'iot_hubs': {'key': 'properties.iotHubs', 'type': '[str]'}, + 'user_defined_resources': {'key': 'properties.userDefinedResources', 'type': 'UserDefinedResourcesProperties'}, + 'auto_discovered_resources': {'key': 'properties.autoDiscoveredResources', 'type': '[str]'}, + 'recommendations_configuration': {'key': 'properties.recommendationsConfiguration', 'type': '[RecommendationConfigurationProperties]'}, + 'unmasked_ip_logging_status': {'key': 'properties.unmaskedIpLoggingStatus', 'type': 'str'}, + 'additional_workspaces': {'key': 'properties.additionalWorkspaces', 'type': '[AdditionalWorkspacesProperties]'}, } def __init__( self, **kwargs ): - super(JitNetworkAccessRequestVirtualMachine, self).__init__(**kwargs) - self.id = kwargs['id'] - self.ports = kwargs['ports'] + super(IoTSecuritySolutionModel, self).__init__(**kwargs) + self.tags = kwargs.get('tags', None) + self.location = kwargs.get('location', None) + self.system_data = None + self.workspace = kwargs.get('workspace', None) + self.display_name = kwargs.get('display_name', None) + self.status = kwargs.get('status', "Enabled") + self.export = kwargs.get('export', None) + self.disabled_data_sources = kwargs.get('disabled_data_sources', None) + self.iot_hubs = kwargs.get('iot_hubs', None) + self.user_defined_resources = kwargs.get('user_defined_resources', None) + self.auto_discovered_resources = None + self.recommendations_configuration = kwargs.get('recommendations_configuration', None) + self.unmasked_ip_logging_status = kwargs.get('unmasked_ip_logging_status', "Disabled") + self.additional_workspaces = kwargs.get('additional_workspaces', None) + self.id = None + self.name = None + self.type = None + self.location = kwargs.get('location', None) + self.system_data = None + self.workspace = kwargs.get('workspace', None) + self.display_name = kwargs.get('display_name', None) + self.status = kwargs.get('status', "Enabled") + self.export = kwargs.get('export', None) + self.disabled_data_sources = kwargs.get('disabled_data_sources', None) + self.iot_hubs = kwargs.get('iot_hubs', None) + self.user_defined_resources = kwargs.get('user_defined_resources', None) + self.auto_discovered_resources = None + self.recommendations_configuration = kwargs.get('recommendations_configuration', None) + self.unmasked_ip_logging_status = kwargs.get('unmasked_ip_logging_status', "Disabled") + self.additional_workspaces = kwargs.get('additional_workspaces', None) -class LocalUserNotAllowed(AllowlistCustomAlertRule): - """Login by a local user that isn't allowed. Allow list consists of login names to allow. +class IoTSecuritySolutionsList(msrest.serialization.Model): + """List of IoT Security solutions. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", - "String". - :vartype value_type: str or ~azure.mgmt.security.models.ValueType - :param allowlist_values: Required. The values to allow. The format of the values depends on the - rule type. - :type allowlist_values: list[str] + :param value: Required. List of IoT Security solutions. + :type value: list[~azure.mgmt.security.models.IoTSecuritySolutionModel] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'value_type': {'readonly': True}, - 'allowlist_values': {'required': True}, + 'value': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'value_type': {'key': 'valueType', 'type': 'str'}, - 'allowlist_values': {'key': 'allowlistValues', 'type': '[str]'}, + 'value': {'key': 'value', 'type': '[IoTSecuritySolutionModel]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(LocalUserNotAllowed, self).__init__(**kwargs) - self.rule_type = 'LocalUserNotAllowed' # type: str - - -class LogAnalyticsIdentifier(ResourceIdentifier): - """Represents a Log Analytics workspace scope identifier. + super(IoTSecuritySolutionsList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None - Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. +class IoTSeverityMetrics(msrest.serialization.Model): + """IoT Security solution analytics severity metrics. - :param type: Required. There can be multiple identifiers of different type per alert, this - field specify the identifier type.Constant filled by server. Possible values include: - "AzureResource", "LogAnalytics". - :type type: str or ~azure.mgmt.security.models.ResourceIdentifierType - :ivar workspace_id: The LogAnalytics workspace id that stores this alert. - :vartype workspace_id: str - :ivar workspace_subscription_id: The azure subscription id for the LogAnalytics workspace - storing this alert. - :vartype workspace_subscription_id: str - :ivar workspace_resource_group: The azure resource group for the LogAnalytics workspace storing - this alert. - :vartype workspace_resource_group: str - :ivar agent_id: (optional) The LogAnalytics agent id reporting the event that this alert is - based on. - :vartype agent_id: str + :param high: Count of high severity alerts/recommendations. + :type high: long + :param medium: Count of medium severity alerts/recommendations. + :type medium: long + :param low: Count of low severity alerts/recommendations. + :type low: long """ - _validation = { - 'type': {'required': True}, - 'workspace_id': {'readonly': True}, - 'workspace_subscription_id': {'readonly': True, 'pattern': r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'}, - 'workspace_resource_group': {'readonly': True}, - 'agent_id': {'readonly': True}, - } - _attribute_map = { - 'type': {'key': 'type', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, - 'workspace_subscription_id': {'key': 'workspaceSubscriptionId', 'type': 'str'}, - 'workspace_resource_group': {'key': 'workspaceResourceGroup', 'type': 'str'}, - 'agent_id': {'key': 'agentId', 'type': 'str'}, + 'high': {'key': 'high', 'type': 'long'}, + 'medium': {'key': 'medium', 'type': 'long'}, + 'low': {'key': 'low', 'type': 'long'}, } def __init__( self, **kwargs ): - super(LogAnalyticsIdentifier, self).__init__(**kwargs) - self.type = 'LogAnalytics' # type: str - self.workspace_id = None - self.workspace_subscription_id = None - self.workspace_resource_group = None - self.agent_id = None + super(IoTSeverityMetrics, self).__init__(**kwargs) + self.high = kwargs.get('high', None) + self.medium = kwargs.get('medium', None) + self.low = kwargs.get('low', None) -class MqttC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of cloud to device messages (MQTT protocol) is not in allowed range. +class JitNetworkAccessPoliciesList(msrest.serialization.Model): + """JitNetworkAccessPoliciesList. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :param value: + :type value: list[~azure.mgmt.security.models.JitNetworkAccessPolicy] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'value': {'key': 'value', 'type': '[JitNetworkAccessPolicy]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(MqttC2DMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'MqttC2DMessagesNotInAllowedRange' # type: str + super(JitNetworkAccessPoliciesList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + self.next_link = None -class MqttC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of rejected cloud to device messages (MQTT protocol) is not in allowed range. +class JitNetworkAccessPolicy(Resource, Kind, Location): + """JitNetworkAccessPolicy. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar location: Location where the resource is stored. + :vartype location: str + :param kind: Kind of the resource. + :type kind: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param virtual_machines: Required. Configurations for Microsoft.Compute/virtualMachines + resource type. + :type virtual_machines: list[~azure.mgmt.security.models.JitNetworkAccessPolicyVirtualMachine] + :param requests: + :type requests: list[~azure.mgmt.security.models.JitNetworkAccessRequest] + :ivar provisioning_state: Gets the provisioning state of the Just-in-Time policy. + :vartype provisioning_state: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'location': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'virtual_machines': {'required': True}, + 'provisioning_state': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'location': {'key': 'location', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'virtual_machines': {'key': 'properties.virtualMachines', 'type': '[JitNetworkAccessPolicyVirtualMachine]'}, + 'requests': {'key': 'properties.requests', 'type': '[JitNetworkAccessRequest]'}, + 'provisioning_state': {'key': 'properties.provisioningState', 'type': 'str'}, } def __init__( self, **kwargs ): - super(MqttC2DRejectedMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'MqttC2DRejectedMessagesNotInAllowedRange' # type: str - - -class MqttD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of device to cloud messages (MQTT protocol) is not in allowed range. - - Variables are only populated by the server, and will be ignored when sending a request. - - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + super(JitNetworkAccessPolicy, self).__init__(**kwargs) + self.location = None + self.kind = kwargs.get('kind', None) + self.virtual_machines = kwargs['virtual_machines'] + self.requests = kwargs.get('requests', None) + self.provisioning_state = None + self.location = None + self.id = None + self.name = None + self.type = None + self.virtual_machines = kwargs['virtual_machines'] + self.requests = kwargs.get('requests', None) + self.provisioning_state = None + self.kind = kwargs.get('kind', None) + self.id = None + self.name = None + self.type = None + self.virtual_machines = kwargs['virtual_machines'] + self.requests = kwargs.get('requests', None) + self.provisioning_state = None + + +class JitNetworkAccessPolicyInitiatePort(msrest.serialization.Model): + """JitNetworkAccessPolicyInitiatePort. + + All required parameters must be populated in order to send to Azure. + + :param number: Required. + :type number: int + :param allowed_source_address_prefix: Source of the allowed traffic. If omitted, the request + will be for the source IP address of the initiate request. + :type allowed_source_address_prefix: str + :param end_time_utc: Required. The time to close the request in UTC. + :type end_time_utc: ~datetime.datetime """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, + 'end_time_utc': {'required': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'number': {'key': 'number', 'type': 'int'}, + 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, + 'end_time_utc': {'key': 'endTimeUtc', 'type': 'iso-8601'}, } def __init__( self, **kwargs ): - super(MqttD2CMessagesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'MqttD2CMessagesNotInAllowedRange' # type: str - + super(JitNetworkAccessPolicyInitiatePort, self).__init__(**kwargs) + self.number = kwargs['number'] + self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) + self.end_time_utc = kwargs['end_time_utc'] -class OnPremiseResourceDetails(ResourceDetails): - """Details of the On Premise resource that was assessed. - You probably want to use the sub-classes and not this class directly. Known - sub-classes are: OnPremiseSqlResourceDetails. +class JitNetworkAccessPolicyInitiateRequest(msrest.serialization.Model): + """JitNetworkAccessPolicyInitiateRequest. All required parameters must be populated in order to send to Azure. - :param source: Required. The platform where the assessed resource resides.Constant filled by - server. Possible values include: "Azure", "OnPremise", "OnPremiseSql". - :type source: str or ~azure.mgmt.security.models.Source - :param workspace_id: Required. Azure resource Id of the workspace the machine is attached to. - :type workspace_id: str - :param vmuuid: Required. The unique Id of the machine. - :type vmuuid: str - :param source_computer_id: Required. The oms agent Id installed on the machine. - :type source_computer_id: str - :param machine_name: Required. The name of the machine. - :type machine_name: str + :param virtual_machines: Required. A list of virtual machines & ports to open access for. + :type virtual_machines: + list[~azure.mgmt.security.models.JitNetworkAccessPolicyInitiateVirtualMachine] + :param justification: The justification for making the initiate request. + :type justification: str """ _validation = { - 'source': {'required': True}, - 'workspace_id': {'required': True}, - 'vmuuid': {'required': True}, - 'source_computer_id': {'required': True}, - 'machine_name': {'required': True}, + 'virtual_machines': {'required': True}, } _attribute_map = { - 'source': {'key': 'source', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, - 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, - 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, - 'machine_name': {'key': 'machineName', 'type': 'str'}, - } - - _subtype_map = { - 'source': {'OnPremiseSql': 'OnPremiseSqlResourceDetails'} + 'virtual_machines': {'key': 'virtualMachines', 'type': '[JitNetworkAccessPolicyInitiateVirtualMachine]'}, + 'justification': {'key': 'justification', 'type': 'str'}, } def __init__( self, **kwargs ): - super(OnPremiseResourceDetails, self).__init__(**kwargs) - self.source = 'OnPremise' # type: str - self.workspace_id = kwargs['workspace_id'] - self.vmuuid = kwargs['vmuuid'] - self.source_computer_id = kwargs['source_computer_id'] - self.machine_name = kwargs['machine_name'] + super(JitNetworkAccessPolicyInitiateRequest, self).__init__(**kwargs) + self.virtual_machines = kwargs['virtual_machines'] + self.justification = kwargs.get('justification', None) -class OnPremiseSqlResourceDetails(OnPremiseResourceDetails): - """Details of the On Premise Sql resource that was assessed. +class JitNetworkAccessPolicyInitiateVirtualMachine(msrest.serialization.Model): + """JitNetworkAccessPolicyInitiateVirtualMachine. All required parameters must be populated in order to send to Azure. - :param source: Required. The platform where the assessed resource resides.Constant filled by - server. Possible values include: "Azure", "OnPremise", "OnPremiseSql". - :type source: str or ~azure.mgmt.security.models.Source - :param workspace_id: Required. Azure resource Id of the workspace the machine is attached to. - :type workspace_id: str - :param vmuuid: Required. The unique Id of the machine. - :type vmuuid: str - :param source_computer_id: Required. The oms agent Id installed on the machine. - :type source_computer_id: str - :param machine_name: Required. The name of the machine. - :type machine_name: str - :param server_name: Required. The Sql server name installed on the machine. - :type server_name: str - :param database_name: Required. The Sql database name installed on the machine. - :type database_name: str + :param id: Required. Resource ID of the virtual machine that is linked to this policy. + :type id: str + :param ports: Required. The ports to open for the resource with the ``id``. + :type ports: list[~azure.mgmt.security.models.JitNetworkAccessPolicyInitiatePort] """ _validation = { - 'source': {'required': True}, - 'workspace_id': {'required': True}, - 'vmuuid': {'required': True}, - 'source_computer_id': {'required': True}, - 'machine_name': {'required': True}, - 'server_name': {'required': True}, - 'database_name': {'required': True}, + 'id': {'required': True}, + 'ports': {'required': True}, } _attribute_map = { - 'source': {'key': 'source', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, - 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, - 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, - 'machine_name': {'key': 'machineName', 'type': 'str'}, - 'server_name': {'key': 'serverName', 'type': 'str'}, - 'database_name': {'key': 'databaseName', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'ports': {'key': 'ports', 'type': '[JitNetworkAccessPolicyInitiatePort]'}, } def __init__( self, **kwargs ): - super(OnPremiseSqlResourceDetails, self).__init__(**kwargs) - self.source = 'OnPremiseSql' # type: str - self.server_name = kwargs['server_name'] - self.database_name = kwargs['database_name'] + super(JitNetworkAccessPolicyInitiateVirtualMachine, self).__init__(**kwargs) + self.id = kwargs['id'] + self.ports = kwargs['ports'] -class Operation(msrest.serialization.Model): - """Possible operation in the REST API of Microsoft.Security. +class JitNetworkAccessPolicyVirtualMachine(msrest.serialization.Model): + """JitNetworkAccessPolicyVirtualMachine. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar name: Name of the operation. - :vartype name: str - :ivar origin: Where the operation is originated. - :vartype origin: str - :param display: Security operation display. - :type display: ~azure.mgmt.security.models.OperationDisplay + :param id: Required. Resource ID of the virtual machine that is linked to this policy. + :type id: str + :param ports: Required. Port configurations for the virtual machine. + :type ports: list[~azure.mgmt.security.models.JitNetworkAccessPortRule] + :param public_ip_address: Public IP address of the Azure Firewall that is linked to this + policy, if applicable. + :type public_ip_address: str """ _validation = { - 'name': {'readonly': True}, - 'origin': {'readonly': True}, + 'id': {'required': True}, + 'ports': {'required': True}, } _attribute_map = { - 'name': {'key': 'name', 'type': 'str'}, - 'origin': {'key': 'origin', 'type': 'str'}, - 'display': {'key': 'display', 'type': 'OperationDisplay'}, + 'id': {'key': 'id', 'type': 'str'}, + 'ports': {'key': 'ports', 'type': '[JitNetworkAccessPortRule]'}, + 'public_ip_address': {'key': 'publicIpAddress', 'type': 'str'}, } def __init__( self, **kwargs ): - super(Operation, self).__init__(**kwargs) - self.name = None - self.origin = None - self.display = kwargs.get('display', None) + super(JitNetworkAccessPolicyVirtualMachine, self).__init__(**kwargs) + self.id = kwargs['id'] + self.ports = kwargs['ports'] + self.public_ip_address = kwargs.get('public_ip_address', None) -class OperationDisplay(msrest.serialization.Model): - """Security operation display. +class JitNetworkAccessPortRule(msrest.serialization.Model): + """JitNetworkAccessPortRule. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar provider: The resource provider for the operation. - :vartype provider: str - :ivar resource: The display name of the resource the operation applies to. - :vartype resource: str - :ivar operation: The display name of the security operation. - :vartype operation: str - :ivar description: The description of the operation. - :vartype description: str + :param number: Required. + :type number: int + :param protocol: Required. Possible values include: "TCP", "UDP", "*". + :type protocol: str or ~azure.mgmt.security.models.ProtocolEnum + :param allowed_source_address_prefix: Mutually exclusive with the + "allowedSourceAddressPrefixes" parameter. Should be an IP address or CIDR, for example + "192.168.0.3" or "192.168.0.0/16". + :type allowed_source_address_prefix: str + :param allowed_source_address_prefixes: Mutually exclusive with the + "allowedSourceAddressPrefix" parameter. + :type allowed_source_address_prefixes: list[str] + :param max_request_access_duration: Required. Maximum duration requests can be made for. In ISO + 8601 duration format. Minimum 5 minutes, maximum 1 day. + :type max_request_access_duration: str """ _validation = { - 'provider': {'readonly': True}, - 'resource': {'readonly': True}, - 'operation': {'readonly': True}, - 'description': {'readonly': True}, + 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, + 'protocol': {'required': True}, + 'max_request_access_duration': {'required': True}, } _attribute_map = { - 'provider': {'key': 'provider', 'type': 'str'}, - 'resource': {'key': 'resource', 'type': 'str'}, - 'operation': {'key': 'operation', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, + 'number': {'key': 'number', 'type': 'int'}, + 'protocol': {'key': 'protocol', 'type': 'str'}, + 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, + 'allowed_source_address_prefixes': {'key': 'allowedSourceAddressPrefixes', 'type': '[str]'}, + 'max_request_access_duration': {'key': 'maxRequestAccessDuration', 'type': 'str'}, } def __init__( self, **kwargs ): - super(OperationDisplay, self).__init__(**kwargs) - self.provider = None - self.resource = None - self.operation = None - self.description = None + super(JitNetworkAccessPortRule, self).__init__(**kwargs) + self.number = kwargs['number'] + self.protocol = kwargs['protocol'] + self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) + self.allowed_source_address_prefixes = kwargs.get('allowed_source_address_prefixes', None) + self.max_request_access_duration = kwargs['max_request_access_duration'] -class OperationList(msrest.serialization.Model): - """List of possible operations for Microsoft.Security resource provider. +class JitNetworkAccessRequest(msrest.serialization.Model): + """JitNetworkAccessRequest. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :param value: List of Security operations. - :type value: list[~azure.mgmt.security.models.Operation] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param virtual_machines: Required. + :type virtual_machines: list[~azure.mgmt.security.models.JitNetworkAccessRequestVirtualMachine] + :param start_time_utc: Required. The start time of the request in UTC. + :type start_time_utc: ~datetime.datetime + :param requestor: Required. The identity of the person who made the request. + :type requestor: str + :param justification: The justification for making the initiate request. + :type justification: str """ _validation = { - 'next_link': {'readonly': True}, - } - - _attribute_map = { - 'value': {'key': 'value', 'type': '[Operation]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'virtual_machines': {'required': True}, + 'start_time_utc': {'required': True}, + 'requestor': {'required': True}, } - def __init__( - self, - **kwargs - ): - super(OperationList, self).__init__(**kwargs) - self.value = kwargs.get('value', None) - self.next_link = None - - -class PathRecommendation(msrest.serialization.Model): - """Represents a path that is recommended to be allowed and its properties. - - :param path: The full path of the file, or an identifier of the application. - :type path: str - :param action: The recommendation action of the machine or rule. Possible values include: - "Recommended", "Add", "Remove". - :type action: str or ~azure.mgmt.security.models.RecommendationAction - :param type: The type of IoT Security recommendation. Possible values include: - "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", - "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", - "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", - "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", - "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", - "IoT_VulnerableTLSCipherSuite". - :type type: str or ~azure.mgmt.security.models.RecommendationType - :param publisher_info: Represents the publisher information of a process/rule. - :type publisher_info: ~azure.mgmt.security.models.PublisherInfo - :param common: Whether the application is commonly run on the machine. - :type common: bool - :param user_sids: - :type user_sids: list[str] - :param usernames: - :type usernames: list[~azure.mgmt.security.models.UserRecommendation] - :param file_type: The type of the file (for Linux files - Executable is used). Possible values - include: "Exe", "Dll", "Msi", "Script", "Executable", "Unknown". - :type file_type: str or ~azure.mgmt.security.models.FileType - :param configuration_status: The configuration status of the machines group or machine or rule. - Possible values include: "Configured", "NotConfigured", "InProgress", "Failed", "NoStatus". - :type configuration_status: str or ~azure.mgmt.security.models.ConfigurationStatus - """ - _attribute_map = { - 'path': {'key': 'path', 'type': 'str'}, - 'action': {'key': 'action', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'publisher_info': {'key': 'publisherInfo', 'type': 'PublisherInfo'}, - 'common': {'key': 'common', 'type': 'bool'}, - 'user_sids': {'key': 'userSids', 'type': '[str]'}, - 'usernames': {'key': 'usernames', 'type': '[UserRecommendation]'}, - 'file_type': {'key': 'fileType', 'type': 'str'}, - 'configuration_status': {'key': 'configurationStatus', 'type': 'str'}, + 'virtual_machines': {'key': 'virtualMachines', 'type': '[JitNetworkAccessRequestVirtualMachine]'}, + 'start_time_utc': {'key': 'startTimeUtc', 'type': 'iso-8601'}, + 'requestor': {'key': 'requestor', 'type': 'str'}, + 'justification': {'key': 'justification', 'type': 'str'}, } def __init__( self, **kwargs ): - super(PathRecommendation, self).__init__(**kwargs) - self.path = kwargs.get('path', None) - self.action = kwargs.get('action', None) - self.type = kwargs.get('type', None) - self.publisher_info = kwargs.get('publisher_info', None) - self.common = kwargs.get('common', None) - self.user_sids = kwargs.get('user_sids', None) - self.usernames = kwargs.get('usernames', None) - self.file_type = kwargs.get('file_type', None) - self.configuration_status = kwargs.get('configuration_status', None) + super(JitNetworkAccessRequest, self).__init__(**kwargs) + self.virtual_machines = kwargs['virtual_machines'] + self.start_time_utc = kwargs['start_time_utc'] + self.requestor = kwargs['requestor'] + self.justification = kwargs.get('justification', None) -class Pricing(Resource): - """Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. +class JitNetworkAccessRequestPort(msrest.serialization.Model): + """JitNetworkAccessRequestPort. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param pricing_tier: The pricing tier value. Azure Security Center is provided in two pricing - tiers: free and standard, with the standard tier available with a trial period. The standard - tier offers advanced security capabilities, while the free tier offers basic security features. - Possible values include: "Free", "Standard". - :type pricing_tier: str or ~azure.mgmt.security.models.PricingTier - :ivar free_trial_remaining_time: The duration left for the subscriptions free trial period - in - ISO 8601 format (e.g. P3Y6M4DT12H30M5S). - :vartype free_trial_remaining_time: ~datetime.timedelta + :param number: Required. + :type number: int + :param allowed_source_address_prefix: Mutually exclusive with the + "allowedSourceAddressPrefixes" parameter. Should be an IP address or CIDR, for example + "192.168.0.3" or "192.168.0.0/16". + :type allowed_source_address_prefix: str + :param allowed_source_address_prefixes: Mutually exclusive with the + "allowedSourceAddressPrefix" parameter. + :type allowed_source_address_prefixes: list[str] + :param end_time_utc: Required. The date & time at which the request ends in UTC. + :type end_time_utc: ~datetime.datetime + :param status: Required. The status of the port. Possible values include: "Revoked", + "Initiated". + :type status: str or ~azure.mgmt.security.models.Status + :param status_reason: Required. A description of why the ``status`` has its value. Possible + values include: "Expired", "UserRequested", "NewerRequestInitiated". + :type status_reason: str or ~azure.mgmt.security.models.StatusReason + :param mapped_port: The port which is mapped to this port's ``number`` in the Azure Firewall, + if applicable. + :type mapped_port: int """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'free_trial_remaining_time': {'readonly': True}, + 'number': {'required': True, 'maximum': 65535, 'minimum': 0}, + 'end_time_utc': {'required': True}, + 'status': {'required': True}, + 'status_reason': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'pricing_tier': {'key': 'properties.pricingTier', 'type': 'str'}, - 'free_trial_remaining_time': {'key': 'properties.freeTrialRemainingTime', 'type': 'duration'}, + 'number': {'key': 'number', 'type': 'int'}, + 'allowed_source_address_prefix': {'key': 'allowedSourceAddressPrefix', 'type': 'str'}, + 'allowed_source_address_prefixes': {'key': 'allowedSourceAddressPrefixes', 'type': '[str]'}, + 'end_time_utc': {'key': 'endTimeUtc', 'type': 'iso-8601'}, + 'status': {'key': 'status', 'type': 'str'}, + 'status_reason': {'key': 'statusReason', 'type': 'str'}, + 'mapped_port': {'key': 'mappedPort', 'type': 'int'}, } def __init__( self, **kwargs ): - super(Pricing, self).__init__(**kwargs) - self.pricing_tier = kwargs.get('pricing_tier', None) - self.free_trial_remaining_time = None + super(JitNetworkAccessRequestPort, self).__init__(**kwargs) + self.number = kwargs['number'] + self.allowed_source_address_prefix = kwargs.get('allowed_source_address_prefix', None) + self.allowed_source_address_prefixes = kwargs.get('allowed_source_address_prefixes', None) + self.end_time_utc = kwargs['end_time_utc'] + self.status = kwargs['status'] + self.status_reason = kwargs['status_reason'] + self.mapped_port = kwargs.get('mapped_port', None) -class PricingList(msrest.serialization.Model): - """List of pricing configurations response. +class JitNetworkAccessRequestVirtualMachine(msrest.serialization.Model): + """JitNetworkAccessRequestVirtualMachine. All required parameters must be populated in order to send to Azure. - :param value: Required. List of pricing configurations. - :type value: list[~azure.mgmt.security.models.Pricing] + :param id: Required. Resource ID of the virtual machine that is linked to this policy. + :type id: str + :param ports: Required. The ports that were opened for the virtual machine. + :type ports: list[~azure.mgmt.security.models.JitNetworkAccessRequestPort] """ _validation = { - 'value': {'required': True}, + 'id': {'required': True}, + 'ports': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[Pricing]'}, + 'id': {'key': 'id', 'type': 'str'}, + 'ports': {'key': 'ports', 'type': '[JitNetworkAccessRequestPort]'}, } def __init__( self, **kwargs ): - super(PricingList, self).__init__(**kwargs) - self.value = kwargs['value'] + super(JitNetworkAccessRequestVirtualMachine, self).__init__(**kwargs) + self.id = kwargs['id'] + self.ports = kwargs['ports'] -class ProcessNotAllowed(AllowlistCustomAlertRule): - """Execution of a process that isn't allowed. Allow list consists of process names to allow. +class LocalUserNotAllowed(AllowlistCustomAlertRule): + """Login by a local user that isn't allowed. Allow list consists of login names to allow. Variables are only populated by the server, and will be ignored when sending a request. @@ -6417,129 +6476,126 @@ def __init__( self, **kwargs ): - super(ProcessNotAllowed, self).__init__(**kwargs) - self.rule_type = 'ProcessNotAllowed' # type: str + super(LocalUserNotAllowed, self).__init__(**kwargs) + self.rule_type = 'LocalUserNotAllowed' # type: str -class ProtectionMode(msrest.serialization.Model): - """The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. +class LogAnalyticsIdentifier(ResourceIdentifier): + """Represents a Log Analytics workspace scope identifier. - :param exe: The application control policy enforcement/protection mode of the machine group. - Possible values include: "Audit", "Enforce", "None". - :type exe: str or ~azure.mgmt.security.models.EnforcementMode - :param msi: The application control policy enforcement/protection mode of the machine group. - Possible values include: "Audit", "Enforce", "None". - :type msi: str or ~azure.mgmt.security.models.EnforcementMode - :param script: The application control policy enforcement/protection mode of the machine group. - Possible values include: "Audit", "Enforce", "None". - :type script: str or ~azure.mgmt.security.models.EnforcementMode - :param executable: The application control policy enforcement/protection mode of the machine - group. Possible values include: "Audit", "Enforce", "None". - :type executable: str or ~azure.mgmt.security.models.EnforcementMode + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param type: Required. There can be multiple identifiers of different type per alert, this + field specify the identifier type.Constant filled by server. Possible values include: + "AzureResource", "LogAnalytics". + :type type: str or ~azure.mgmt.security.models.ResourceIdentifierType + :ivar workspace_id: The LogAnalytics workspace id that stores this alert. + :vartype workspace_id: str + :ivar workspace_subscription_id: The azure subscription id for the LogAnalytics workspace + storing this alert. + :vartype workspace_subscription_id: str + :ivar workspace_resource_group: The azure resource group for the LogAnalytics workspace storing + this alert. + :vartype workspace_resource_group: str + :ivar agent_id: (optional) The LogAnalytics agent id reporting the event that this alert is + based on. + :vartype agent_id: str """ + _validation = { + 'type': {'required': True}, + 'workspace_id': {'readonly': True}, + 'workspace_subscription_id': {'readonly': True, 'pattern': r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'}, + 'workspace_resource_group': {'readonly': True}, + 'agent_id': {'readonly': True}, + } + _attribute_map = { - 'exe': {'key': 'exe', 'type': 'str'}, - 'msi': {'key': 'msi', 'type': 'str'}, - 'script': {'key': 'script', 'type': 'str'}, - 'executable': {'key': 'executable', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'workspace_subscription_id': {'key': 'workspaceSubscriptionId', 'type': 'str'}, + 'workspace_resource_group': {'key': 'workspaceResourceGroup', 'type': 'str'}, + 'agent_id': {'key': 'agentId', 'type': 'str'}, } def __init__( self, **kwargs ): - super(ProtectionMode, self).__init__(**kwargs) - self.exe = kwargs.get('exe', None) - self.msi = kwargs.get('msi', None) - self.script = kwargs.get('script', None) - self.executable = kwargs.get('executable', None) - - -class ProxyServerProperties(msrest.serialization.Model): - """For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use. - - :param ip: Proxy server IP. - :type ip: str - :param port: Proxy server port. - :type port: str - """ - - _attribute_map = { - 'ip': {'key': 'ip', 'type': 'str'}, - 'port': {'key': 'port', 'type': 'str'}, - } + super(LogAnalyticsIdentifier, self).__init__(**kwargs) + self.type = 'LogAnalytics' # type: str + self.workspace_id = None + self.workspace_subscription_id = None + self.workspace_resource_group = None + self.agent_id = None - def __init__( - self, - **kwargs - ): - super(ProxyServerProperties, self).__init__(**kwargs) - self.ip = kwargs.get('ip', None) - self.port = kwargs.get('port', None) +class MdeOnboardingData(Resource): + """The resource of the configuration or data needed to onboard the machine to MDE. -class PublisherInfo(msrest.serialization.Model): - """Represents the publisher information of a process/rule. + Variables are only populated by the server, and will be ignored when sending a request. - :param publisher_name: The Subject field of the x.509 certificate used to sign the code, using - the following fields - O = Organization, L = Locality, S = State or Province, and C = Country. - :type publisher_name: str - :param product_name: The product name taken from the file's version resource. - :type product_name: str - :param binary_name: The "OriginalName" field taken from the file's version resource. - :type binary_name: str - :param version: The binary file version taken from the file's version resource. - :type version: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param onboarding_package_windows: The onboarding package used to onboard Windows machines to + MDE, coded in base64. This can also be used for onboarding using the dedicated VM Extension. + :type onboarding_package_windows: bytearray + :param onboarding_package_linux: The onboarding package used to onboard Linux machines to MDE, + coded in base64. This can also be used for onboarding using the dedicated VM Extension. + :type onboarding_package_linux: bytearray """ + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + _attribute_map = { - 'publisher_name': {'key': 'publisherName', 'type': 'str'}, - 'product_name': {'key': 'productName', 'type': 'str'}, - 'binary_name': {'key': 'binaryName', 'type': 'str'}, - 'version': {'key': 'version', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'onboarding_package_windows': {'key': 'properties.onboardingPackageWindows', 'type': 'bytearray'}, + 'onboarding_package_linux': {'key': 'properties.onboardingPackageLinux', 'type': 'bytearray'}, } def __init__( self, **kwargs ): - super(PublisherInfo, self).__init__(**kwargs) - self.publisher_name = kwargs.get('publisher_name', None) - self.product_name = kwargs.get('product_name', None) - self.binary_name = kwargs.get('binary_name', None) - self.version = kwargs.get('version', None) + super(MdeOnboardingData, self).__init__(**kwargs) + self.onboarding_package_windows = kwargs.get('onboarding_package_windows', None) + self.onboarding_package_linux = kwargs.get('onboarding_package_linux', None) -class QueryCheck(msrest.serialization.Model): - """The rule query details. +class MdeOnboardingDataList(msrest.serialization.Model): + """List of all MDE onboarding data resources. - :param query: The rule query. - :type query: str - :param expected_result: Expected result. - :type expected_result: list[list[str]] - :param column_names: Column names of expected result. - :type column_names: list[str] + :param value: List of the resources of the configuration or data needed to onboard the machine + to MDE. + :type value: list[~azure.mgmt.security.models.MdeOnboardingData] """ _attribute_map = { - 'query': {'key': 'query', 'type': 'str'}, - 'expected_result': {'key': 'expectedResult', 'type': '[[str]]'}, - 'column_names': {'key': 'columnNames', 'type': '[str]'}, + 'value': {'key': 'value', 'type': '[MdeOnboardingData]'}, } def __init__( self, **kwargs ): - super(QueryCheck, self).__init__(**kwargs) - self.query = kwargs.get('query', None) - self.expected_result = kwargs.get('expected_result', None) - self.column_names = kwargs.get('column_names', None) + super(MdeOnboardingDataList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) -class QueuePurgesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of device queue purges is not in allowed range. +class MqttC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of cloud to device messages (MQTT protocol) is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. @@ -6585,334 +6641,308 @@ def __init__( self, **kwargs ): - super(QueuePurgesNotInAllowedRange, self).__init__(**kwargs) - self.rule_type = 'QueuePurgesNotInAllowedRange' # type: str + super(MqttC2DMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'MqttC2DMessagesNotInAllowedRange' # type: str -class RecommendationConfigurationProperties(msrest.serialization.Model): - """The type of IoT Security recommendation. +class MqttC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of rejected cloud to device messages (MQTT protocol) is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param recommendation_type: Required. The type of IoT Security recommendation. Possible values - include: "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", - "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", - "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", - "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", - "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", - "IoT_VulnerableTLSCipherSuite". - :type recommendation_type: str or ~azure.mgmt.security.models.RecommendationType - :ivar name: - :vartype name: str - :param status: Required. Recommendation status. When the recommendation status is disabled - recommendations are not generated. Possible values include: "Disabled", "Enabled". Default - value: "Enabled". - :type status: str or ~azure.mgmt.security.models.RecommendationConfigStatus + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ _validation = { - 'recommendation_type': {'required': True}, - 'name': {'readonly': True}, - 'status': {'required': True}, + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, } _attribute_map = { - 'recommendation_type': {'key': 'recommendationType', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'status': {'key': 'status', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(RecommendationConfigurationProperties, self).__init__(**kwargs) - self.recommendation_type = kwargs['recommendation_type'] - self.name = None - self.status = kwargs.get('status', "Enabled") + super(MqttC2DRejectedMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'MqttC2DRejectedMessagesNotInAllowedRange' # type: str -class RegulatoryComplianceAssessment(Resource): - """Regulatory compliance assessment details and state. +class MqttD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of device to cloud messages (MQTT protocol) is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :ivar description: The description of the regulatory compliance assessment. + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. :vartype description: str - :ivar assessment_type: The expected type of assessment contained in the AssessmentDetailsLink. - :vartype assessment_type: str - :ivar assessment_details_link: Link to more detailed assessment results data. The response type - will be according to the assessmentType field. - :vartype assessment_details_link: str - :param state: Aggregative state based on the assessment's scanned resources states. Possible - values include: "Passed", "Failed", "Skipped", "Unsupported". - :type state: str or ~azure.mgmt.security.models.State - :ivar passed_resources: The given assessment's related resources count with passed state. - :vartype passed_resources: int - :ivar failed_resources: The given assessment's related resources count with failed state. - :vartype failed_resources: int - :ivar skipped_resources: The given assessment's related resources count with skipped state. - :vartype skipped_resources: int - :ivar unsupported_resources: The given assessment's related resources count with unsupported - state. - :vartype unsupported_resources: int + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, + 'display_name': {'readonly': True}, 'description': {'readonly': True}, - 'assessment_type': {'readonly': True}, - 'assessment_details_link': {'readonly': True}, - 'passed_resources': {'readonly': True}, - 'failed_resources': {'readonly': True}, - 'skipped_resources': {'readonly': True}, - 'unsupported_resources': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, - 'assessment_details_link': {'key': 'properties.assessmentDetailsLink', 'type': 'str'}, - 'state': {'key': 'properties.state', 'type': 'str'}, - 'passed_resources': {'key': 'properties.passedResources', 'type': 'int'}, - 'failed_resources': {'key': 'properties.failedResources', 'type': 'int'}, - 'skipped_resources': {'key': 'properties.skippedResources', 'type': 'int'}, - 'unsupported_resources': {'key': 'properties.unsupportedResources', 'type': 'int'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(RegulatoryComplianceAssessment, self).__init__(**kwargs) - self.description = None - self.assessment_type = None - self.assessment_details_link = None - self.state = kwargs.get('state', None) - self.passed_resources = None - self.failed_resources = None - self.skipped_resources = None - self.unsupported_resources = None + super(MqttD2CMessagesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'MqttD2CMessagesNotInAllowedRange' # type: str -class RegulatoryComplianceAssessmentList(msrest.serialization.Model): - """List of regulatory compliance assessment response. +class OnPremiseResourceDetails(ResourceDetails): + """Details of the On Premise resource that was assessed. - Variables are only populated by the server, and will be ignored when sending a request. + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: OnPremiseSqlResourceDetails. All required parameters must be populated in order to send to Azure. - :param value: Required. - :type value: list[~azure.mgmt.security.models.RegulatoryComplianceAssessment] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param source: Required. The platform where the assessed resource resides.Constant filled by + server. Possible values include: "Azure", "OnPremise", "OnPremiseSql". + :type source: str or ~azure.mgmt.security.models.Source + :param workspace_id: Required. Azure resource Id of the workspace the machine is attached to. + :type workspace_id: str + :param vmuuid: Required. The unique Id of the machine. + :type vmuuid: str + :param source_computer_id: Required. The oms agent Id installed on the machine. + :type source_computer_id: str + :param machine_name: Required. The name of the machine. + :type machine_name: str """ _validation = { - 'value': {'required': True}, - 'next_link': {'readonly': True}, - } - - _attribute_map = { - 'value': {'key': 'value', 'type': '[RegulatoryComplianceAssessment]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'source': {'required': True}, + 'workspace_id': {'required': True}, + 'vmuuid': {'required': True}, + 'source_computer_id': {'required': True}, + 'machine_name': {'required': True}, + } + + _attribute_map = { + 'source': {'key': 'source', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, + 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, + 'machine_name': {'key': 'machineName', 'type': 'str'}, + } + + _subtype_map = { + 'source': {'OnPremiseSql': 'OnPremiseSqlResourceDetails'} } def __init__( self, **kwargs ): - super(RegulatoryComplianceAssessmentList, self).__init__(**kwargs) - self.value = kwargs['value'] - self.next_link = None + super(OnPremiseResourceDetails, self).__init__(**kwargs) + self.source = 'OnPremise' # type: str + self.workspace_id = kwargs['workspace_id'] + self.vmuuid = kwargs['vmuuid'] + self.source_computer_id = kwargs['source_computer_id'] + self.machine_name = kwargs['machine_name'] -class RegulatoryComplianceControl(Resource): - """Regulatory compliance control details and state. +class OnPremiseSqlResourceDetails(OnPremiseResourceDetails): + """Details of the On Premise Sql resource that was assessed. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :ivar description: The description of the regulatory compliance control. - :vartype description: str - :param state: Aggregative state based on the control's supported assessments states. Possible - values include: "Passed", "Failed", "Skipped", "Unsupported". - :type state: str or ~azure.mgmt.security.models.State - :ivar passed_assessments: The number of supported regulatory compliance assessments of the - given control with a passed state. - :vartype passed_assessments: int - :ivar failed_assessments: The number of supported regulatory compliance assessments of the - given control with a failed state. - :vartype failed_assessments: int - :ivar skipped_assessments: The number of supported regulatory compliance assessments of the - given control with a skipped state. - :vartype skipped_assessments: int + :param source: Required. The platform where the assessed resource resides.Constant filled by + server. Possible values include: "Azure", "OnPremise", "OnPremiseSql". + :type source: str or ~azure.mgmt.security.models.Source + :param workspace_id: Required. Azure resource Id of the workspace the machine is attached to. + :type workspace_id: str + :param vmuuid: Required. The unique Id of the machine. + :type vmuuid: str + :param source_computer_id: Required. The oms agent Id installed on the machine. + :type source_computer_id: str + :param machine_name: Required. The name of the machine. + :type machine_name: str + :param server_name: Required. The Sql server name installed on the machine. + :type server_name: str + :param database_name: Required. The Sql database name installed on the machine. + :type database_name: str """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'description': {'readonly': True}, - 'passed_assessments': {'readonly': True}, - 'failed_assessments': {'readonly': True}, - 'skipped_assessments': {'readonly': True}, + 'source': {'required': True}, + 'workspace_id': {'required': True}, + 'vmuuid': {'required': True}, + 'source_computer_id': {'required': True}, + 'machine_name': {'required': True}, + 'server_name': {'required': True}, + 'database_name': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'state': {'key': 'properties.state', 'type': 'str'}, - 'passed_assessments': {'key': 'properties.passedAssessments', 'type': 'int'}, - 'failed_assessments': {'key': 'properties.failedAssessments', 'type': 'int'}, - 'skipped_assessments': {'key': 'properties.skippedAssessments', 'type': 'int'}, + 'source': {'key': 'source', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'vmuuid': {'key': 'vmuuid', 'type': 'str'}, + 'source_computer_id': {'key': 'sourceComputerId', 'type': 'str'}, + 'machine_name': {'key': 'machineName', 'type': 'str'}, + 'server_name': {'key': 'serverName', 'type': 'str'}, + 'database_name': {'key': 'databaseName', 'type': 'str'}, } def __init__( self, **kwargs ): - super(RegulatoryComplianceControl, self).__init__(**kwargs) - self.description = None - self.state = kwargs.get('state', None) - self.passed_assessments = None - self.failed_assessments = None - self.skipped_assessments = None + super(OnPremiseSqlResourceDetails, self).__init__(**kwargs) + self.source = 'OnPremiseSql' # type: str + self.server_name = kwargs['server_name'] + self.database_name = kwargs['database_name'] -class RegulatoryComplianceControlList(msrest.serialization.Model): - """List of regulatory compliance controls response. +class Operation(msrest.serialization.Model): + """Possible operation in the REST API of Microsoft.Security. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :param value: Required. List of regulatory compliance controls. - :type value: list[~azure.mgmt.security.models.RegulatoryComplianceControl] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :ivar name: Name of the operation. + :vartype name: str + :ivar origin: Where the operation is originated. + :vartype origin: str + :param display: Security operation display. + :type display: ~azure.mgmt.security.models.OperationDisplay """ _validation = { - 'value': {'required': True}, - 'next_link': {'readonly': True}, + 'name': {'readonly': True}, + 'origin': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[RegulatoryComplianceControl]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'origin': {'key': 'origin', 'type': 'str'}, + 'display': {'key': 'display', 'type': 'OperationDisplay'}, } def __init__( self, **kwargs ): - super(RegulatoryComplianceControlList, self).__init__(**kwargs) - self.value = kwargs['value'] - self.next_link = None + super(Operation, self).__init__(**kwargs) + self.name = None + self.origin = None + self.display = kwargs.get('display', None) -class RegulatoryComplianceStandard(Resource): - """Regulatory compliance standard details and state. +class OperationDisplay(msrest.serialization.Model): + """Security operation display. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param state: Aggregative state based on the standard's supported controls states. Possible - values include: "Passed", "Failed", "Skipped", "Unsupported". - :type state: str or ~azure.mgmt.security.models.State - :ivar passed_controls: The number of supported regulatory compliance controls of the given - standard with a passed state. - :vartype passed_controls: int - :ivar failed_controls: The number of supported regulatory compliance controls of the given - standard with a failed state. - :vartype failed_controls: int - :ivar skipped_controls: The number of supported regulatory compliance controls of the given - standard with a skipped state. - :vartype skipped_controls: int - :ivar unsupported_controls: The number of regulatory compliance controls of the given standard - which are unsupported by automated assessments. - :vartype unsupported_controls: int + :ivar provider: The resource provider for the operation. + :vartype provider: str + :ivar resource: The display name of the resource the operation applies to. + :vartype resource: str + :ivar operation: The display name of the security operation. + :vartype operation: str + :ivar description: The description of the operation. + :vartype description: str """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'passed_controls': {'readonly': True}, - 'failed_controls': {'readonly': True}, - 'skipped_controls': {'readonly': True}, - 'unsupported_controls': {'readonly': True}, + 'provider': {'readonly': True}, + 'resource': {'readonly': True}, + 'operation': {'readonly': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'state': {'key': 'properties.state', 'type': 'str'}, - 'passed_controls': {'key': 'properties.passedControls', 'type': 'int'}, - 'failed_controls': {'key': 'properties.failedControls', 'type': 'int'}, - 'skipped_controls': {'key': 'properties.skippedControls', 'type': 'int'}, - 'unsupported_controls': {'key': 'properties.unsupportedControls', 'type': 'int'}, + 'provider': {'key': 'provider', 'type': 'str'}, + 'resource': {'key': 'resource', 'type': 'str'}, + 'operation': {'key': 'operation', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, } def __init__( self, **kwargs ): - super(RegulatoryComplianceStandard, self).__init__(**kwargs) - self.state = kwargs.get('state', None) - self.passed_controls = None - self.failed_controls = None - self.skipped_controls = None - self.unsupported_controls = None + super(OperationDisplay, self).__init__(**kwargs) + self.provider = None + self.resource = None + self.operation = None + self.description = None -class RegulatoryComplianceStandardList(msrest.serialization.Model): - """List of regulatory compliance standards response. +class OperationList(msrest.serialization.Model): + """List of possible operations for Microsoft.Security resource provider. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :param value: Required. - :type value: list[~azure.mgmt.security.models.RegulatoryComplianceStandard] + :param value: List of Security operations. + :type value: list[~azure.mgmt.security.models.Operation] :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ _validation = { - 'value': {'required': True}, 'next_link': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[RegulatoryComplianceStandard]'}, + 'value': {'key': 'value', 'type': '[Operation]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -6920,84 +6950,73 @@ def __init__( self, **kwargs ): - super(RegulatoryComplianceStandardList, self).__init__(**kwargs) - self.value = kwargs['value'] + super(OperationList, self).__init__(**kwargs) + self.value = kwargs.get('value', None) self.next_link = None -class Remediation(msrest.serialization.Model): - """Remediation details. - - :param description: Remediation description. - :type description: str - :param scripts: Remediation script. - :type scripts: list[str] - :param automated: Is remediation automated. - :type automated: bool - :param portal_link: Optional link to remediate in Azure Portal. - :type portal_link: str - """ - - _attribute_map = { - 'description': {'key': 'description', 'type': 'str'}, - 'scripts': {'key': 'scripts', 'type': '[str]'}, - 'automated': {'key': 'automated', 'type': 'bool'}, - 'portal_link': {'key': 'portalLink', 'type': 'str'}, - } - - def __init__( - self, - **kwargs - ): - super(Remediation, self).__init__(**kwargs) - self.description = kwargs.get('description', None) - self.scripts = kwargs.get('scripts', None) - self.automated = kwargs.get('automated', None) - self.portal_link = kwargs.get('portal_link', None) - +class PathRecommendation(msrest.serialization.Model): + """Represents a path that is recommended to be allowed and its properties. -class Rule(msrest.serialization.Model): - """Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked. - - :param name: The name of the rule. - :type name: str - :param direction: The rule's direction. Possible values include: "Inbound", "Outbound". - :type direction: str or ~azure.mgmt.security.models.Direction - :param destination_port: The rule's destination port. - :type destination_port: int - :param protocols: The rule's transport protocols. - :type protocols: list[str or ~azure.mgmt.security.models.TransportProtocol] - :param ip_addresses: The remote IP addresses that should be able to communicate with the Azure - resource on the rule's destination port and protocol. - :type ip_addresses: list[str] + :param path: The full path of the file, or an identifier of the application. + :type path: str + :param action: The recommendation action of the machine or rule. Possible values include: + "Recommended", "Add", "Remove". + :type action: str or ~azure.mgmt.security.models.RecommendationAction + :param type: The type of IoT Security recommendation. Possible values include: + "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", + "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", + "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", + "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", + "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", + "IoT_VulnerableTLSCipherSuite". + :type type: str or ~azure.mgmt.security.models.RecommendationType + :param publisher_info: Represents the publisher information of a process/rule. + :type publisher_info: ~azure.mgmt.security.models.PublisherInfo + :param common: Whether the application is commonly run on the machine. + :type common: bool + :param user_sids: + :type user_sids: list[str] + :param usernames: + :type usernames: list[~azure.mgmt.security.models.UserRecommendation] + :param file_type: The type of the file (for Linux files - Executable is used). Possible values + include: "Exe", "Dll", "Msi", "Script", "Executable", "Unknown". + :type file_type: str or ~azure.mgmt.security.models.FileType + :param configuration_status: The configuration status of the machines group or machine or rule. + Possible values include: "Configured", "NotConfigured", "InProgress", "Failed", "NoStatus". + :type configuration_status: str or ~azure.mgmt.security.models.ConfigurationStatus """ - _validation = { - 'destination_port': {'maximum': 65535, 'minimum': 0}, - } - _attribute_map = { - 'name': {'key': 'name', 'type': 'str'}, - 'direction': {'key': 'direction', 'type': 'str'}, - 'destination_port': {'key': 'destinationPort', 'type': 'int'}, - 'protocols': {'key': 'protocols', 'type': '[str]'}, - 'ip_addresses': {'key': 'ipAddresses', 'type': '[str]'}, + 'path': {'key': 'path', 'type': 'str'}, + 'action': {'key': 'action', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'publisher_info': {'key': 'publisherInfo', 'type': 'PublisherInfo'}, + 'common': {'key': 'common', 'type': 'bool'}, + 'user_sids': {'key': 'userSids', 'type': '[str]'}, + 'usernames': {'key': 'usernames', 'type': '[UserRecommendation]'}, + 'file_type': {'key': 'fileType', 'type': 'str'}, + 'configuration_status': {'key': 'configurationStatus', 'type': 'str'}, } def __init__( self, **kwargs ): - super(Rule, self).__init__(**kwargs) - self.name = kwargs.get('name', None) - self.direction = kwargs.get('direction', None) - self.destination_port = kwargs.get('destination_port', None) - self.protocols = kwargs.get('protocols', None) - self.ip_addresses = kwargs.get('ip_addresses', None) + super(PathRecommendation, self).__init__(**kwargs) + self.path = kwargs.get('path', None) + self.action = kwargs.get('action', None) + self.type = kwargs.get('type', None) + self.publisher_info = kwargs.get('publisher_info', None) + self.common = kwargs.get('common', None) + self.user_sids = kwargs.get('user_sids', None) + self.usernames = kwargs.get('usernames', None) + self.file_type = kwargs.get('file_type', None) + self.configuration_status = kwargs.get('configuration_status', None) -class RuleResults(Resource): - """Rule results. +class Pricing(Resource): + """Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. Variables are only populated by the server, and will be ignored when sending a request. @@ -7007,142 +7026,836 @@ class RuleResults(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param properties: Rule results properties. - :type properties: ~azure.mgmt.security.models.RuleResultsProperties + :param pricing_tier: The pricing tier value. Azure Security Center is provided in two pricing + tiers: free and standard, with the standard tier available with a trial period. The standard + tier offers advanced security capabilities, while the free tier offers basic security features. + Possible values include: "Free", "Standard". + :type pricing_tier: str or ~azure.mgmt.security.models.PricingTier + :ivar free_trial_remaining_time: The duration left for the subscriptions free trial period - in + ISO 8601 format (e.g. P3Y6M4DT12H30M5S). + :vartype free_trial_remaining_time: ~datetime.timedelta """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'free_trial_remaining_time': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'RuleResultsProperties'}, + 'pricing_tier': {'key': 'properties.pricingTier', 'type': 'str'}, + 'free_trial_remaining_time': {'key': 'properties.freeTrialRemainingTime', 'type': 'duration'}, } def __init__( self, **kwargs ): - super(RuleResults, self).__init__(**kwargs) - self.properties = kwargs.get('properties', None) + super(Pricing, self).__init__(**kwargs) + self.pricing_tier = kwargs.get('pricing_tier', None) + self.free_trial_remaining_time = None -class RuleResultsInput(msrest.serialization.Model): - """Rule results input. +class PricingList(msrest.serialization.Model): + """List of pricing configurations response. - :param latest_scan: Take results from latest scan. - :type latest_scan: bool - :param results: Expected results to be inserted into the baseline. - Leave this field empty it LatestScan == true. - :type results: list[list[str]] + All required parameters must be populated in order to send to Azure. + + :param value: Required. List of pricing configurations. + :type value: list[~azure.mgmt.security.models.Pricing] """ + _validation = { + 'value': {'required': True}, + } + _attribute_map = { - 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, - 'results': {'key': 'results', 'type': '[[str]]'}, + 'value': {'key': 'value', 'type': '[Pricing]'}, } def __init__( self, **kwargs ): - super(RuleResultsInput, self).__init__(**kwargs) - self.latest_scan = kwargs.get('latest_scan', None) - self.results = kwargs.get('results', None) + super(PricingList, self).__init__(**kwargs) + self.value = kwargs['value'] -class RuleResultsProperties(msrest.serialization.Model): - """Rule results properties. +class ProcessNotAllowed(AllowlistCustomAlertRule): + """Execution of a process that isn't allowed. Allow list consists of process names to allow. - :param results: Expected results in the baseline. - :type results: list[list[str]] + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", + "String". + :vartype value_type: str or ~azure.mgmt.security.models.ValueType + :param allowlist_values: Required. The values to allow. The format of the values depends on the + rule type. + :type allowlist_values: list[str] """ + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'value_type': {'readonly': True}, + 'allowlist_values': {'required': True}, + } + _attribute_map = { - 'results': {'key': 'results', 'type': '[[str]]'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'value_type': {'key': 'valueType', 'type': 'str'}, + 'allowlist_values': {'key': 'allowlistValues', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(RuleResultsProperties, self).__init__(**kwargs) - self.results = kwargs.get('results', None) + super(ProcessNotAllowed, self).__init__(**kwargs) + self.rule_type = 'ProcessNotAllowed' # type: str -class RulesResults(msrest.serialization.Model): - """A list of rules results. +class ProtectionMode(msrest.serialization.Model): + """The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. - :param value: List of rule results. - :type value: list[~azure.mgmt.security.models.RuleResults] + :param exe: The application control policy enforcement/protection mode of the machine group. + Possible values include: "Audit", "Enforce", "None". + :type exe: str or ~azure.mgmt.security.models.EnforcementMode + :param msi: The application control policy enforcement/protection mode of the machine group. + Possible values include: "Audit", "Enforce", "None". + :type msi: str or ~azure.mgmt.security.models.EnforcementMode + :param script: The application control policy enforcement/protection mode of the machine group. + Possible values include: "Audit", "Enforce", "None". + :type script: str or ~azure.mgmt.security.models.EnforcementMode + :param executable: The application control policy enforcement/protection mode of the machine + group. Possible values include: "Audit", "Enforce", "None". + :type executable: str or ~azure.mgmt.security.models.EnforcementMode """ _attribute_map = { - 'value': {'key': 'value', 'type': '[RuleResults]'}, + 'exe': {'key': 'exe', 'type': 'str'}, + 'msi': {'key': 'msi', 'type': 'str'}, + 'script': {'key': 'script', 'type': 'str'}, + 'executable': {'key': 'executable', 'type': 'str'}, } def __init__( self, **kwargs ): - super(RulesResults, self).__init__(**kwargs) - self.value = kwargs.get('value', None) + super(ProtectionMode, self).__init__(**kwargs) + self.exe = kwargs.get('exe', None) + self.msi = kwargs.get('msi', None) + self.script = kwargs.get('script', None) + self.executable = kwargs.get('executable', None) -class RulesResultsInput(msrest.serialization.Model): - """Rules results input. +class ProxyServerProperties(msrest.serialization.Model): + """For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use. - :param latest_scan: Take results from latest scan. - :type latest_scan: bool - :param results: Expected results to be inserted into the baseline. - Leave this field empty it LatestScan == true. - :type results: dict[str, list[list[str]]] + :param ip: Proxy server IP. + :type ip: str + :param port: Proxy server port. + :type port: str """ _attribute_map = { - 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, - 'results': {'key': 'results', 'type': '{[[str]]}'}, + 'ip': {'key': 'ip', 'type': 'str'}, + 'port': {'key': 'port', 'type': 'str'}, } def __init__( self, **kwargs ): - super(RulesResultsInput, self).__init__(**kwargs) - self.latest_scan = kwargs.get('latest_scan', None) - self.results = kwargs.get('results', None) - + super(ProxyServerProperties, self).__init__(**kwargs) + self.ip = kwargs.get('ip', None) + self.port = kwargs.get('port', None) -class Scan(Resource): - """A vulnerability assessment scan record. - Variables are only populated by the server, and will be ignored when sending a request. +class PublisherInfo(msrest.serialization.Model): + """Represents the publisher information of a process/rule. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param properties: A vulnerability assessment scan record properties. - :type properties: ~azure.mgmt.security.models.ScanProperties + :param publisher_name: The Subject field of the x.509 certificate used to sign the code, using + the following fields - O = Organization, L = Locality, S = State or Province, and C = Country. + :type publisher_name: str + :param product_name: The product name taken from the file's version resource. + :type product_name: str + :param binary_name: The "OriginalName" field taken from the file's version resource. + :type binary_name: str + :param version: The binary file version taken from the file's version resource. + :type version: str """ - _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, + _attribute_map = { + 'publisher_name': {'key': 'publisherName', 'type': 'str'}, + 'product_name': {'key': 'productName', 'type': 'str'}, + 'binary_name': {'key': 'binaryName', 'type': 'str'}, + 'version': {'key': 'version', 'type': 'str'}, } - _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, + def __init__( + self, + **kwargs + ): + super(PublisherInfo, self).__init__(**kwargs) + self.publisher_name = kwargs.get('publisher_name', None) + self.product_name = kwargs.get('product_name', None) + self.binary_name = kwargs.get('binary_name', None) + self.version = kwargs.get('version', None) + + +class QueryCheck(msrest.serialization.Model): + """The rule query details. + + :param query: The rule query. + :type query: str + :param expected_result: Expected result. + :type expected_result: list[list[str]] + :param column_names: Column names of expected result. + :type column_names: list[str] + """ + + _attribute_map = { + 'query': {'key': 'query', 'type': 'str'}, + 'expected_result': {'key': 'expectedResult', 'type': '[[str]]'}, + 'column_names': {'key': 'columnNames', 'type': '[str]'}, + } + + def __init__( + self, + **kwargs + ): + super(QueryCheck, self).__init__(**kwargs) + self.query = kwargs.get('query', None) + self.expected_result = kwargs.get('expected_result', None) + self.column_names = kwargs.get('column_names', None) + + +class QueuePurgesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of device queue purges is not in allowed range. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta + """ + + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + + _attribute_map = { + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + } + + def __init__( + self, + **kwargs + ): + super(QueuePurgesNotInAllowedRange, self).__init__(**kwargs) + self.rule_type = 'QueuePurgesNotInAllowedRange' # type: str + + +class RecommendationConfigurationProperties(msrest.serialization.Model): + """The type of IoT Security recommendation. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param recommendation_type: Required. The type of IoT Security recommendation. Possible values + include: "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", + "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", + "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", + "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", + "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", + "IoT_VulnerableTLSCipherSuite". + :type recommendation_type: str or ~azure.mgmt.security.models.RecommendationType + :ivar name: + :vartype name: str + :param status: Required. Recommendation status. When the recommendation status is disabled + recommendations are not generated. Possible values include: "Disabled", "Enabled". Default + value: "Enabled". + :type status: str or ~azure.mgmt.security.models.RecommendationConfigStatus + """ + + _validation = { + 'recommendation_type': {'required': True}, + 'name': {'readonly': True}, + 'status': {'required': True}, + } + + _attribute_map = { + 'recommendation_type': {'key': 'recommendationType', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'status': {'key': 'status', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(RecommendationConfigurationProperties, self).__init__(**kwargs) + self.recommendation_type = kwargs['recommendation_type'] + self.name = None + self.status = kwargs.get('status', "Enabled") + + +class RegulatoryComplianceAssessment(Resource): + """Regulatory compliance assessment details and state. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar description: The description of the regulatory compliance assessment. + :vartype description: str + :ivar assessment_type: The expected type of assessment contained in the AssessmentDetailsLink. + :vartype assessment_type: str + :ivar assessment_details_link: Link to more detailed assessment results data. The response type + will be according to the assessmentType field. + :vartype assessment_details_link: str + :param state: Aggregative state based on the assessment's scanned resources states. Possible + values include: "Passed", "Failed", "Skipped", "Unsupported". + :type state: str or ~azure.mgmt.security.models.State + :ivar passed_resources: The given assessment's related resources count with passed state. + :vartype passed_resources: int + :ivar failed_resources: The given assessment's related resources count with failed state. + :vartype failed_resources: int + :ivar skipped_resources: The given assessment's related resources count with skipped state. + :vartype skipped_resources: int + :ivar unsupported_resources: The given assessment's related resources count with unsupported + state. + :vartype unsupported_resources: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'description': {'readonly': True}, + 'assessment_type': {'readonly': True}, + 'assessment_details_link': {'readonly': True}, + 'passed_resources': {'readonly': True}, + 'failed_resources': {'readonly': True}, + 'skipped_resources': {'readonly': True}, + 'unsupported_resources': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, + 'assessment_details_link': {'key': 'properties.assessmentDetailsLink', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'str'}, + 'passed_resources': {'key': 'properties.passedResources', 'type': 'int'}, + 'failed_resources': {'key': 'properties.failedResources', 'type': 'int'}, + 'skipped_resources': {'key': 'properties.skippedResources', 'type': 'int'}, + 'unsupported_resources': {'key': 'properties.unsupportedResources', 'type': 'int'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceAssessment, self).__init__(**kwargs) + self.description = None + self.assessment_type = None + self.assessment_details_link = None + self.state = kwargs.get('state', None) + self.passed_resources = None + self.failed_resources = None + self.skipped_resources = None + self.unsupported_resources = None + + +class RegulatoryComplianceAssessmentList(msrest.serialization.Model): + """List of regulatory compliance assessment response. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. + :type value: list[~azure.mgmt.security.models.RegulatoryComplianceAssessment] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'value': {'required': True}, + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[RegulatoryComplianceAssessment]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceAssessmentList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None + + +class RegulatoryComplianceControl(Resource): + """Regulatory compliance control details and state. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar description: The description of the regulatory compliance control. + :vartype description: str + :param state: Aggregative state based on the control's supported assessments states. Possible + values include: "Passed", "Failed", "Skipped", "Unsupported". + :type state: str or ~azure.mgmt.security.models.State + :ivar passed_assessments: The number of supported regulatory compliance assessments of the + given control with a passed state. + :vartype passed_assessments: int + :ivar failed_assessments: The number of supported regulatory compliance assessments of the + given control with a failed state. + :vartype failed_assessments: int + :ivar skipped_assessments: The number of supported regulatory compliance assessments of the + given control with a skipped state. + :vartype skipped_assessments: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'description': {'readonly': True}, + 'passed_assessments': {'readonly': True}, + 'failed_assessments': {'readonly': True}, + 'skipped_assessments': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'str'}, + 'passed_assessments': {'key': 'properties.passedAssessments', 'type': 'int'}, + 'failed_assessments': {'key': 'properties.failedAssessments', 'type': 'int'}, + 'skipped_assessments': {'key': 'properties.skippedAssessments', 'type': 'int'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceControl, self).__init__(**kwargs) + self.description = None + self.state = kwargs.get('state', None) + self.passed_assessments = None + self.failed_assessments = None + self.skipped_assessments = None + + +class RegulatoryComplianceControlList(msrest.serialization.Model): + """List of regulatory compliance controls response. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. List of regulatory compliance controls. + :type value: list[~azure.mgmt.security.models.RegulatoryComplianceControl] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'value': {'required': True}, + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[RegulatoryComplianceControl]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceControlList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None + + +class RegulatoryComplianceStandard(Resource): + """Regulatory compliance standard details and state. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Aggregative state based on the standard's supported controls states. Possible + values include: "Passed", "Failed", "Skipped", "Unsupported". + :type state: str or ~azure.mgmt.security.models.State + :ivar passed_controls: The number of supported regulatory compliance controls of the given + standard with a passed state. + :vartype passed_controls: int + :ivar failed_controls: The number of supported regulatory compliance controls of the given + standard with a failed state. + :vartype failed_controls: int + :ivar skipped_controls: The number of supported regulatory compliance controls of the given + standard with a skipped state. + :vartype skipped_controls: int + :ivar unsupported_controls: The number of regulatory compliance controls of the given standard + which are unsupported by automated assessments. + :vartype unsupported_controls: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'passed_controls': {'readonly': True}, + 'failed_controls': {'readonly': True}, + 'skipped_controls': {'readonly': True}, + 'unsupported_controls': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'str'}, + 'passed_controls': {'key': 'properties.passedControls', 'type': 'int'}, + 'failed_controls': {'key': 'properties.failedControls', 'type': 'int'}, + 'skipped_controls': {'key': 'properties.skippedControls', 'type': 'int'}, + 'unsupported_controls': {'key': 'properties.unsupportedControls', 'type': 'int'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceStandard, self).__init__(**kwargs) + self.state = kwargs.get('state', None) + self.passed_controls = None + self.failed_controls = None + self.skipped_controls = None + self.unsupported_controls = None + + +class RegulatoryComplianceStandardList(msrest.serialization.Model): + """List of regulatory compliance standards response. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param value: Required. + :type value: list[~azure.mgmt.security.models.RegulatoryComplianceStandard] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'value': {'required': True}, + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[RegulatoryComplianceStandard]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(RegulatoryComplianceStandardList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None + + +class Remediation(msrest.serialization.Model): + """Remediation details. + + :param description: Remediation description. + :type description: str + :param scripts: Remediation script. + :type scripts: list[str] + :param automated: Is remediation automated. + :type automated: bool + :param portal_link: Optional link to remediate in Azure Portal. + :type portal_link: str + """ + + _attribute_map = { + 'description': {'key': 'description', 'type': 'str'}, + 'scripts': {'key': 'scripts', 'type': '[str]'}, + 'automated': {'key': 'automated', 'type': 'bool'}, + 'portal_link': {'key': 'portalLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(Remediation, self).__init__(**kwargs) + self.description = kwargs.get('description', None) + self.scripts = kwargs.get('scripts', None) + self.automated = kwargs.get('automated', None) + self.portal_link = kwargs.get('portal_link', None) + + +class Rule(msrest.serialization.Model): + """Describes remote addresses that is recommended to communicate with the Azure resource on some (Protocol, Port, Direction). All other remote addresses are recommended to be blocked. + + :param name: The name of the rule. + :type name: str + :param direction: The rule's direction. Possible values include: "Inbound", "Outbound". + :type direction: str or ~azure.mgmt.security.models.Direction + :param destination_port: The rule's destination port. + :type destination_port: int + :param protocols: The rule's transport protocols. + :type protocols: list[str or ~azure.mgmt.security.models.TransportProtocol] + :param ip_addresses: The remote IP addresses that should be able to communicate with the Azure + resource on the rule's destination port and protocol. + :type ip_addresses: list[str] + """ + + _validation = { + 'destination_port': {'maximum': 65535, 'minimum': 0}, + } + + _attribute_map = { + 'name': {'key': 'name', 'type': 'str'}, + 'direction': {'key': 'direction', 'type': 'str'}, + 'destination_port': {'key': 'destinationPort', 'type': 'int'}, + 'protocols': {'key': 'protocols', 'type': '[str]'}, + 'ip_addresses': {'key': 'ipAddresses', 'type': '[str]'}, + } + + def __init__( + self, + **kwargs + ): + super(Rule, self).__init__(**kwargs) + self.name = kwargs.get('name', None) + self.direction = kwargs.get('direction', None) + self.destination_port = kwargs.get('destination_port', None) + self.protocols = kwargs.get('protocols', None) + self.ip_addresses = kwargs.get('ip_addresses', None) + + +class RuleResults(Resource): + """Rule results. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param properties: Rule results properties. + :type properties: ~azure.mgmt.security.models.RuleResultsProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'properties': {'key': 'properties', 'type': 'RuleResultsProperties'}, + } + + def __init__( + self, + **kwargs + ): + super(RuleResults, self).__init__(**kwargs) + self.properties = kwargs.get('properties', None) + + +class RuleResultsInput(msrest.serialization.Model): + """Rule results input. + + :param latest_scan: Take results from latest scan. + :type latest_scan: bool + :param results: Expected results to be inserted into the baseline. + Leave this field empty it LatestScan == true. + :type results: list[list[str]] + """ + + _attribute_map = { + 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, + 'results': {'key': 'results', 'type': '[[str]]'}, + } + + def __init__( + self, + **kwargs + ): + super(RuleResultsInput, self).__init__(**kwargs) + self.latest_scan = kwargs.get('latest_scan', None) + self.results = kwargs.get('results', None) + + +class RuleResultsProperties(msrest.serialization.Model): + """Rule results properties. + + :param results: Expected results in the baseline. + :type results: list[list[str]] + """ + + _attribute_map = { + 'results': {'key': 'results', 'type': '[[str]]'}, + } + + def __init__( + self, + **kwargs + ): + super(RuleResultsProperties, self).__init__(**kwargs) + self.results = kwargs.get('results', None) + + +class RulesResults(msrest.serialization.Model): + """A list of rules results. + + :param value: List of rule results. + :type value: list[~azure.mgmt.security.models.RuleResults] + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': '[RuleResults]'}, + } + + def __init__( + self, + **kwargs + ): + super(RulesResults, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + + +class RulesResultsInput(msrest.serialization.Model): + """Rules results input. + + :param latest_scan: Take results from latest scan. + :type latest_scan: bool + :param results: Expected results to be inserted into the baseline. + Leave this field empty it LatestScan == true. + :type results: dict[str, list[list[str]]] + """ + + _attribute_map = { + 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, + 'results': {'key': 'results', 'type': '{[[str]]}'}, + } + + def __init__( + self, + **kwargs + ): + super(RulesResultsInput, self).__init__(**kwargs) + self.latest_scan = kwargs.get('latest_scan', None) + self.results = kwargs.get('results', None) + + +class Scan(Resource): + """A vulnerability assessment scan record. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param properties: A vulnerability assessment scan record properties. + :type properties: ~azure.mgmt.security.models.ScanProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, 'properties': {'key': 'properties', 'type': 'ScanProperties'}, } @@ -7150,84 +7863,479 @@ def __init__( self, **kwargs ): - super(Scan, self).__init__(**kwargs) - self.properties = kwargs.get('properties', None) + super(Scan, self).__init__(**kwargs) + self.properties = kwargs.get('properties', None) + + +class ScanProperties(msrest.serialization.Model): + """A vulnerability assessment scan record properties. + + :param trigger_type: The scan trigger type. Possible values include: "OnDemand", "Recurring". + :type trigger_type: str or ~azure.mgmt.security.models.ScanTriggerType + :param state: The scan status. Possible values include: "Failed", "FailedToRun", "InProgress", + "Passed". + :type state: str or ~azure.mgmt.security.models.ScanState + :param server: The server name. + :type server: str + :param database: The database name. + :type database: str + :param sql_version: The SQL version. + :type sql_version: str + :param start_time: The scan start time (UTC). + :type start_time: ~datetime.datetime + :param end_time: Scan results are valid until end time (UTC). + :type end_time: ~datetime.datetime + :param high_severity_failed_rules_count: The number of failed rules with high severity. + :type high_severity_failed_rules_count: int + :param medium_severity_failed_rules_count: The number of failed rules with medium severity. + :type medium_severity_failed_rules_count: int + :param low_severity_failed_rules_count: The number of failed rules with low severity. + :type low_severity_failed_rules_count: int + :param total_passed_rules_count: The number of total passed rules. + :type total_passed_rules_count: int + :param total_failed_rules_count: The number of total failed rules. + :type total_failed_rules_count: int + :param total_rules_count: The number of total rules assessed. + :type total_rules_count: int + :param is_baseline_applied: Baseline created for this database, and has one or more rules. + :type is_baseline_applied: bool + """ + + _attribute_map = { + 'trigger_type': {'key': 'triggerType', 'type': 'str'}, + 'state': {'key': 'state', 'type': 'str'}, + 'server': {'key': 'server', 'type': 'str'}, + 'database': {'key': 'database', 'type': 'str'}, + 'sql_version': {'key': 'sqlVersion', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, + 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, + 'high_severity_failed_rules_count': {'key': 'highSeverityFailedRulesCount', 'type': 'int'}, + 'medium_severity_failed_rules_count': {'key': 'mediumSeverityFailedRulesCount', 'type': 'int'}, + 'low_severity_failed_rules_count': {'key': 'lowSeverityFailedRulesCount', 'type': 'int'}, + 'total_passed_rules_count': {'key': 'totalPassedRulesCount', 'type': 'int'}, + 'total_failed_rules_count': {'key': 'totalFailedRulesCount', 'type': 'int'}, + 'total_rules_count': {'key': 'totalRulesCount', 'type': 'int'}, + 'is_baseline_applied': {'key': 'isBaselineApplied', 'type': 'bool'}, + } + + def __init__( + self, + **kwargs + ): + super(ScanProperties, self).__init__(**kwargs) + self.trigger_type = kwargs.get('trigger_type', None) + self.state = kwargs.get('state', None) + self.server = kwargs.get('server', None) + self.database = kwargs.get('database', None) + self.sql_version = kwargs.get('sql_version', None) + self.start_time = kwargs.get('start_time', None) + self.end_time = kwargs.get('end_time', None) + self.high_severity_failed_rules_count = kwargs.get('high_severity_failed_rules_count', None) + self.medium_severity_failed_rules_count = kwargs.get('medium_severity_failed_rules_count', None) + self.low_severity_failed_rules_count = kwargs.get('low_severity_failed_rules_count', None) + self.total_passed_rules_count = kwargs.get('total_passed_rules_count', None) + self.total_failed_rules_count = kwargs.get('total_failed_rules_count', None) + self.total_rules_count = kwargs.get('total_rules_count', None) + self.is_baseline_applied = kwargs.get('is_baseline_applied', None) + + +class ScanResult(Resource): + """A vulnerability assessment scan result for a single rule. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param properties: A vulnerability assessment scan result properties for a single rule. + :type properties: ~azure.mgmt.security.models.ScanResultProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'properties': {'key': 'properties', 'type': 'ScanResultProperties'}, + } + + def __init__( + self, + **kwargs + ): + super(ScanResult, self).__init__(**kwargs) + self.properties = kwargs.get('properties', None) + + +class ScanResultProperties(msrest.serialization.Model): + """A vulnerability assessment scan result properties for a single rule. + + :param rule_id: The rule Id. + :type rule_id: str + :param status: The rule result status. Possible values include: "NonFinding", "Finding", + "InternalError". + :type status: str or ~azure.mgmt.security.models.RuleStatus + :param is_trimmed: Indicated whether the results specified here are trimmed. + :type is_trimmed: bool + :param query_results: The results of the query that was run. + :type query_results: list[list[str]] + :param remediation: Remediation details. + :type remediation: ~azure.mgmt.security.models.Remediation + :param baseline_adjusted_result: The rule result adjusted with baseline. + :type baseline_adjusted_result: ~azure.mgmt.security.models.BaselineAdjustedResult + :param rule_metadata: vulnerability assessment rule metadata details. + :type rule_metadata: ~azure.mgmt.security.models.VaRule + """ + + _attribute_map = { + 'rule_id': {'key': 'ruleId', 'type': 'str'}, + 'status': {'key': 'status', 'type': 'str'}, + 'is_trimmed': {'key': 'isTrimmed', 'type': 'bool'}, + 'query_results': {'key': 'queryResults', 'type': '[[str]]'}, + 'remediation': {'key': 'remediation', 'type': 'Remediation'}, + 'baseline_adjusted_result': {'key': 'baselineAdjustedResult', 'type': 'BaselineAdjustedResult'}, + 'rule_metadata': {'key': 'ruleMetadata', 'type': 'VaRule'}, + } + + def __init__( + self, + **kwargs + ): + super(ScanResultProperties, self).__init__(**kwargs) + self.rule_id = kwargs.get('rule_id', None) + self.status = kwargs.get('status', None) + self.is_trimmed = kwargs.get('is_trimmed', None) + self.query_results = kwargs.get('query_results', None) + self.remediation = kwargs.get('remediation', None) + self.baseline_adjusted_result = kwargs.get('baseline_adjusted_result', None) + self.rule_metadata = kwargs.get('rule_metadata', None) + + +class ScanResults(msrest.serialization.Model): + """A list of vulnerability assessment scan results. + + :param value: List of vulnerability assessment scan results. + :type value: list[~azure.mgmt.security.models.ScanResult] + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': '[ScanResult]'}, + } + + def __init__( + self, + **kwargs + ): + super(ScanResults, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + + +class Scans(msrest.serialization.Model): + """A list of vulnerability assessment scan records. + + :param value: List of vulnerability assessment scan records. + :type value: list[~azure.mgmt.security.models.Scan] + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': '[Scan]'}, + } + + def __init__( + self, + **kwargs + ): + super(Scans, self).__init__(**kwargs) + self.value = kwargs.get('value', None) + + +class ScopeElement(msrest.serialization.Model): + """A more specific scope used to identify the alerts to suppress. + + :param additional_properties: Unmatched properties from the message are deserialized to this + collection. + :type additional_properties: dict[str, any] + :param field: The alert entity type to suppress by. + :type field: str + """ + + _attribute_map = { + 'additional_properties': {'key': '', 'type': '{object}'}, + 'field': {'key': 'field', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(ScopeElement, self).__init__(**kwargs) + self.additional_properties = kwargs.get('additional_properties', None) + self.field = kwargs.get('field', None) + + +class SecureScoreControlDefinitionItem(Resource): + """Information about the security control. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar display_name: User friendly display name of the control. + :vartype display_name: str + :ivar description: User friendly description of the control. + :vartype description: str + :ivar max_score: Maximum control score (0..10). + :vartype max_score: int + :ivar source: Source object from which the control was created. + :vartype source: ~azure.mgmt.security.models.SecureScoreControlDefinitionSource + :ivar assessment_definitions: Array of assessments metadata IDs that are included in this + security control. + :vartype assessment_definitions: list[~azure.mgmt.security.models.AzureResourceLink] + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'description': {'readonly': True, 'max_length': 256, 'min_length': 0}, + 'max_score': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'source': {'readonly': True}, + 'assessment_definitions': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'max_score': {'key': 'properties.maxScore', 'type': 'int'}, + 'source': {'key': 'properties.source', 'type': 'SecureScoreControlDefinitionSource'}, + 'assessment_definitions': {'key': 'properties.assessmentDefinitions', 'type': '[AzureResourceLink]'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlDefinitionItem, self).__init__(**kwargs) + self.display_name = None + self.description = None + self.max_score = None + self.source = None + self.assessment_definitions = None -class ScanProperties(msrest.serialization.Model): - """A vulnerability assessment scan record properties. +class SecureScoreControlDefinitionList(msrest.serialization.Model): + """List of security controls definition. - :param trigger_type: The scan trigger type. Possible values include: "OnDemand", "Recurring". - :type trigger_type: str or ~azure.mgmt.security.models.ScanTriggerType - :param state: The scan status. Possible values include: "Failed", "FailedToRun", "InProgress", - "Passed". - :type state: str or ~azure.mgmt.security.models.ScanState - :param server: The server name. - :type server: str - :param database: The database name. - :type database: str - :param sql_version: The SQL version. - :type sql_version: str - :param start_time: The scan start time (UTC). - :type start_time: ~datetime.datetime - :param end_time: Scan results are valid until end time (UTC). - :type end_time: ~datetime.datetime - :param high_severity_failed_rules_count: The number of failed rules with high severity. - :type high_severity_failed_rules_count: int - :param medium_severity_failed_rules_count: The number of failed rules with medium severity. - :type medium_severity_failed_rules_count: int - :param low_severity_failed_rules_count: The number of failed rules with low severity. - :type low_severity_failed_rules_count: int - :param total_passed_rules_count: The number of total passed rules. - :type total_passed_rules_count: int - :param total_failed_rules_count: The number of total failed rules. - :type total_failed_rules_count: int - :param total_rules_count: The number of total rules assessed. - :type total_rules_count: int - :param is_baseline_applied: Baseline created for this database, and has one or more rules. - :type is_baseline_applied: bool + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of security controls definition in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDefinitionItem] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + _attribute_map = { - 'trigger_type': {'key': 'triggerType', 'type': 'str'}, - 'state': {'key': 'state', 'type': 'str'}, - 'server': {'key': 'server', 'type': 'str'}, - 'database': {'key': 'database', 'type': 'str'}, - 'sql_version': {'key': 'sqlVersion', 'type': 'str'}, - 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, - 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, - 'high_severity_failed_rules_count': {'key': 'highSeverityFailedRulesCount', 'type': 'int'}, - 'medium_severity_failed_rules_count': {'key': 'mediumSeverityFailedRulesCount', 'type': 'int'}, - 'low_severity_failed_rules_count': {'key': 'lowSeverityFailedRulesCount', 'type': 'int'}, - 'total_passed_rules_count': {'key': 'totalPassedRulesCount', 'type': 'int'}, - 'total_failed_rules_count': {'key': 'totalFailedRulesCount', 'type': 'int'}, - 'total_rules_count': {'key': 'totalRulesCount', 'type': 'int'}, - 'is_baseline_applied': {'key': 'isBaselineApplied', 'type': 'bool'}, + 'value': {'key': 'value', 'type': '[SecureScoreControlDefinitionItem]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlDefinitionList, self).__init__(**kwargs) + self.value = None + self.next_link = None + + +class SecureScoreControlDefinitionSource(msrest.serialization.Model): + """The type of the security control (For example, BuiltIn). + + :param source_type: The type of security control (for example, BuiltIn). Possible values + include: "BuiltIn", "Custom". + :type source_type: str or ~azure.mgmt.security.models.ControlType + """ + + _attribute_map = { + 'source_type': {'key': 'sourceType', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlDefinitionSource, self).__init__(**kwargs) + self.source_type = kwargs.get('source_type', None) + + +class SecureScoreControlDetails(Resource): + """Details of the security control, its score, and the health status of the relevant resources. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar display_name: User friendly display name of the control. + :vartype display_name: str + :ivar healthy_resource_count: Number of healthy resources in the control. + :vartype healthy_resource_count: int + :ivar unhealthy_resource_count: Number of unhealthy resources in the control. + :vartype unhealthy_resource_count: int + :ivar not_applicable_resource_count: Number of not applicable resources in the control. + :vartype not_applicable_resource_count: int + :ivar weight: The relative weight for this specific control in each of your subscriptions. Used + when calculating an aggregated score for this control across all of your subscriptions. + :vartype weight: long + :param definition: Information about the security control. + :type definition: ~azure.mgmt.security.models.SecureScoreControlDefinitionItem + :ivar max: Maximum score available. + :vartype max: int + :ivar current: Current score. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'healthy_resource_count': {'readonly': True}, + 'unhealthy_resource_count': {'readonly': True}, + 'not_applicable_resource_count': {'readonly': True}, + 'weight': {'readonly': True, 'minimum': 0}, + 'max': {'readonly': True, 'minimum': 0}, + 'current': {'readonly': True, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'healthy_resource_count': {'key': 'properties.healthyResourceCount', 'type': 'int'}, + 'unhealthy_resource_count': {'key': 'properties.unhealthyResourceCount', 'type': 'int'}, + 'not_applicable_resource_count': {'key': 'properties.notApplicableResourceCount', 'type': 'int'}, + 'weight': {'key': 'properties.weight', 'type': 'long'}, + 'definition': {'key': 'properties.definition', 'type': 'SecureScoreControlDefinitionItem'}, + 'max': {'key': 'properties.score.max', 'type': 'int'}, + 'current': {'key': 'properties.score.current', 'type': 'float'}, + 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlDetails, self).__init__(**kwargs) + self.display_name = None + self.healthy_resource_count = None + self.unhealthy_resource_count = None + self.not_applicable_resource_count = None + self.weight = None + self.definition = kwargs.get('definition', None) + self.max = None + self.current = None + self.percentage = None + + +class SecureScoreControlList(msrest.serialization.Model): + """List of security controls. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of security controls in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDetails] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[SecureScoreControlDetails]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlList, self).__init__(**kwargs) + self.value = None + self.next_link = None + + +class SecureScoreControlScore(msrest.serialization.Model): + """Calculation result data. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar max: Maximum control score (0..10). + :vartype max: int + :ivar current: Actual score for the control = (achieved points / total points) * max score. if + total points is zeroed, the return number is 0.00. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float + """ + + _validation = { + 'max': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'current': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + } + + _attribute_map = { + 'max': {'key': 'max', 'type': 'int'}, + 'current': {'key': 'current', 'type': 'float'}, + 'percentage': {'key': 'percentage', 'type': 'float'}, } def __init__( self, **kwargs ): - super(ScanProperties, self).__init__(**kwargs) - self.trigger_type = kwargs.get('trigger_type', None) - self.state = kwargs.get('state', None) - self.server = kwargs.get('server', None) - self.database = kwargs.get('database', None) - self.sql_version = kwargs.get('sql_version', None) - self.start_time = kwargs.get('start_time', None) - self.end_time = kwargs.get('end_time', None) - self.high_severity_failed_rules_count = kwargs.get('high_severity_failed_rules_count', None) - self.medium_severity_failed_rules_count = kwargs.get('medium_severity_failed_rules_count', None) - self.low_severity_failed_rules_count = kwargs.get('low_severity_failed_rules_count', None) - self.total_passed_rules_count = kwargs.get('total_passed_rules_count', None) - self.total_failed_rules_count = kwargs.get('total_failed_rules_count', None) - self.total_rules_count = kwargs.get('total_rules_count', None) - self.is_baseline_applied = kwargs.get('is_baseline_applied', None) + super(SecureScoreControlScore, self).__init__(**kwargs) + self.max = None + self.current = None + self.percentage = None -class ScanResult(Resource): - """A vulnerability assessment scan result for a single rule. +class SecureScoreItem(Resource): + """Secure score item data model. Variables are only populated by the server, and will be ignored when sending a request. @@ -7237,139 +8345,178 @@ class ScanResult(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param properties: A vulnerability assessment scan result properties for a single rule. - :type properties: ~azure.mgmt.security.models.ScanResultProperties + :ivar display_name: The initiative’s name. + :vartype display_name: str + :ivar weight: The relative weight for each subscription. Used when calculating an aggregated + secure score for multiple subscriptions. + :vartype weight: long + :ivar max: Maximum score available. + :vartype max: int + :ivar current: Current score. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'weight': {'readonly': True, 'minimum': 0}, + 'max': {'readonly': True, 'minimum': 0}, + 'current': {'readonly': True, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'ScanResultProperties'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'weight': {'key': 'properties.weight', 'type': 'long'}, + 'max': {'key': 'properties.score.max', 'type': 'int'}, + 'current': {'key': 'properties.score.current', 'type': 'float'}, + 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, } def __init__( self, **kwargs ): - super(ScanResult, self).__init__(**kwargs) - self.properties = kwargs.get('properties', None) + super(SecureScoreItem, self).__init__(**kwargs) + self.display_name = None + self.weight = None + self.max = None + self.current = None + self.percentage = None -class ScanResultProperties(msrest.serialization.Model): - """A vulnerability assessment scan result properties for a single rule. +class SecureScoresList(msrest.serialization.Model): + """List of secure scores. - :param rule_id: The rule Id. - :type rule_id: str - :param status: The rule result status. Possible values include: "NonFinding", "Finding", - "InternalError". - :type status: str or ~azure.mgmt.security.models.RuleStatus - :param is_trimmed: Indicated whether the results specified here are trimmed. - :type is_trimmed: bool - :param query_results: The results of the query that was run. - :type query_results: list[list[str]] - :param remediation: Remediation details. - :type remediation: ~azure.mgmt.security.models.Remediation - :param baseline_adjusted_result: The rule result adjusted with baseline. - :type baseline_adjusted_result: ~azure.mgmt.security.models.BaselineAdjustedResult - :param rule_metadata: vulnerability assessment rule metadata details. - :type rule_metadata: ~azure.mgmt.security.models.VaRule + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of secure scores in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreItem] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ - _attribute_map = { - 'rule_id': {'key': 'ruleId', 'type': 'str'}, - 'status': {'key': 'status', 'type': 'str'}, - 'is_trimmed': {'key': 'isTrimmed', 'type': 'bool'}, - 'query_results': {'key': 'queryResults', 'type': '[[str]]'}, - 'remediation': {'key': 'remediation', 'type': 'Remediation'}, - 'baseline_adjusted_result': {'key': 'baselineAdjustedResult', 'type': 'BaselineAdjustedResult'}, - 'rule_metadata': {'key': 'ruleMetadata', 'type': 'VaRule'}, + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, } - def __init__( - self, - **kwargs - ): - super(ScanResultProperties, self).__init__(**kwargs) - self.rule_id = kwargs.get('rule_id', None) - self.status = kwargs.get('status', None) - self.is_trimmed = kwargs.get('is_trimmed', None) - self.query_results = kwargs.get('query_results', None) - self.remediation = kwargs.get('remediation', None) - self.baseline_adjusted_result = kwargs.get('baseline_adjusted_result', None) - self.rule_metadata = kwargs.get('rule_metadata', None) - - -class ScanResults(msrest.serialization.Model): - """A list of vulnerability assessment scan results. - - :param value: List of vulnerability assessment scan results. - :type value: list[~azure.mgmt.security.models.ScanResult] - """ - _attribute_map = { - 'value': {'key': 'value', 'type': '[ScanResult]'}, + 'value': {'key': 'value', 'type': '[SecureScoreItem]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(ScanResults, self).__init__(**kwargs) - self.value = kwargs.get('value', None) + super(SecureScoresList, self).__init__(**kwargs) + self.value = None + self.next_link = None -class Scans(msrest.serialization.Model): - """A list of vulnerability assessment scan records. +class SecurityAssessment(Resource): + """Security assessment on a resource. - :param value: List of vulnerability assessment scan records. - :type value: list[~azure.mgmt.security.models.Scan] + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param resource_details: Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatus """ + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, + } + _attribute_map = { - 'value': {'key': 'value', 'type': '[Scan]'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, } def __init__( self, **kwargs ): - super(Scans, self).__init__(**kwargs) - self.value = kwargs.get('value', None) + super(SecurityAssessment, self).__init__(**kwargs) + self.resource_details = kwargs.get('resource_details', None) + self.display_name = None + self.additional_data = kwargs.get('additional_data', None) + self.links = None + self.metadata = kwargs.get('metadata', None) + self.partners_data = kwargs.get('partners_data', None) + self.status = kwargs.get('status', None) -class ScopeElement(msrest.serialization.Model): - """A more specific scope used to identify the alerts to suppress. +class SecurityAssessmentList(msrest.serialization.Model): + """Page of a security assessments list. - :param additional_properties: Unmatched properties from the message are deserialized to this - collection. - :type additional_properties: dict[str, any] - :param field: The alert entity type to suppress by. - :type field: str + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of security assessments in this page. + :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentResponse] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'field': {'key': 'field', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[SecurityAssessmentResponse]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(ScopeElement, self).__init__(**kwargs) - self.additional_properties = kwargs.get('additional_properties', None) - self.field = kwargs.get('field', None) + super(SecurityAssessmentList, self).__init__(**kwargs) + self.value = None + self.next_link = None -class SecureScoreControlDefinitionItem(Resource): - """Information about the security control. +class SecurityAssessmentMetadata(Resource): + """Security assessment metadata. Variables are only populated by the server, and will be ignored when sending a request. @@ -7379,28 +8526,44 @@ class SecureScoreControlDefinitionItem(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :ivar display_name: User friendly display name of the control. - :vartype display_name: str - :ivar description: User friendly description of the control. - :vartype description: str - :ivar max_score: Maximum control score (0..10). - :vartype max_score: int - :ivar source: Source object from which the control was created. - :vartype source: ~azure.mgmt.security.models.SecureScoreControlDefinitionSource - :ivar assessment_definitions: Array of assessments metadata IDs that are included in this - security control. - :vartype assessment_definitions: list[~azure.mgmt.security.models.AzureResourceLink] + :param display_name: User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: The severity level of the assessment. Possible values include: "Low", + "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, + Custom if the assessment based on custom Azure Policy definition. Possible values include: + "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'display_name': {'readonly': True}, - 'description': {'readonly': True, 'max_length': 256, 'min_length': 0}, - 'max_score': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'source': {'readonly': True}, - 'assessment_definitions': {'readonly': True}, + 'policy_definition_id': {'readonly': True}, } _attribute_map = { @@ -7408,221 +8571,273 @@ class SecureScoreControlDefinitionItem(Resource): 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, 'description': {'key': 'properties.description', 'type': 'str'}, - 'max_score': {'key': 'properties.maxScore', 'type': 'int'}, - 'source': {'key': 'properties.source', 'type': 'SecureScoreControlDefinitionSource'}, - 'assessment_definitions': {'key': 'properties.assessmentDefinitions', 'type': '[AzureResourceLink]'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'categories': {'key': 'properties.categories', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'threats': {'key': 'properties.threats', 'type': '[str]'}, + 'preview': {'key': 'properties.preview', 'type': 'bool'}, + 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, } def __init__( self, **kwargs ): - super(SecureScoreControlDefinitionItem, self).__init__(**kwargs) - self.display_name = None - self.description = None - self.max_score = None - self.source = None - self.assessment_definitions = None + super(SecurityAssessmentMetadata, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.policy_definition_id = None + self.description = kwargs.get('description', None) + self.remediation_description = kwargs.get('remediation_description', None) + self.categories = kwargs.get('categories', None) + self.severity = kwargs.get('severity', None) + self.user_impact = kwargs.get('user_impact', None) + self.implementation_effort = kwargs.get('implementation_effort', None) + self.threats = kwargs.get('threats', None) + self.preview = kwargs.get('preview', None) + self.assessment_type = kwargs.get('assessment_type', None) + self.partner_data = kwargs.get('partner_data', None) -class SecureScoreControlDefinitionList(msrest.serialization.Model): - """List of security controls definition. +class SecurityAssessmentMetadataPartnerData(msrest.serialization.Model): + """Describes the partner that created the assessment. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar value: Collection of security controls definition in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDefinitionItem] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param partner_name: Required. Name of the company of the partner. + :type partner_name: str + :param product_name: Name of the product of the partner that created the assessment. + :type product_name: str + :param secret: Required. Secret to authenticate the partner and verify it created the + assessment - write only. + :type secret: str """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, - } - - _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreControlDefinitionItem]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'partner_name': {'required': True}, + 'secret': {'required': True}, } - def __init__( - self, - **kwargs - ): - super(SecureScoreControlDefinitionList, self).__init__(**kwargs) - self.value = None - self.next_link = None - - -class SecureScoreControlDefinitionSource(msrest.serialization.Model): - """The type of the security control (For example, BuiltIn). - - :param source_type: The type of security control (for example, BuiltIn). Possible values - include: "BuiltIn", "Custom". - :type source_type: str or ~azure.mgmt.security.models.ControlType - """ - _attribute_map = { - 'source_type': {'key': 'sourceType', 'type': 'str'}, + 'partner_name': {'key': 'partnerName', 'type': 'str'}, + 'product_name': {'key': 'productName', 'type': 'str'}, + 'secret': {'key': 'secret', 'type': 'str'}, } def __init__( self, **kwargs ): - super(SecureScoreControlDefinitionSource, self).__init__(**kwargs) - self.source_type = kwargs.get('source_type', None) + super(SecurityAssessmentMetadataPartnerData, self).__init__(**kwargs) + self.partner_name = kwargs['partner_name'] + self.product_name = kwargs.get('product_name', None) + self.secret = kwargs['secret'] -class SecureScoreControlDetails(Resource): - """Details of the security control, its score, and the health status of the relevant resources. +class SecurityAssessmentMetadataProperties(msrest.serialization.Model): + """Describes properties of an assessment metadata. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :ivar display_name: User friendly display name of the control. - :vartype display_name: str - :ivar healthy_resource_count: Number of healthy resources in the control. - :vartype healthy_resource_count: int - :ivar unhealthy_resource_count: Number of unhealthy resources in the control. - :vartype unhealthy_resource_count: int - :ivar not_applicable_resource_count: Number of not applicable resources in the control. - :vartype not_applicable_resource_count: int - :ivar weight: The relative weight for this specific control in each of your subscriptions. Used - when calculating an aggregated score for this control across all of your subscriptions. - :vartype weight: long - :param definition: Information about the security control. - :type definition: ~azure.mgmt.security.models.SecureScoreControlDefinitionItem - :ivar max: Maximum score available. - :vartype max: int - :ivar current: Current score. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + All required parameters must be populated in order to send to Azure. + + :param display_name: Required. User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: Required. The severity level of the assessment. Possible values include: + "Low", "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy + definition, Custom if the assessment based on custom Azure Policy definition. Possible values + include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'display_name': {'readonly': True}, - 'healthy_resource_count': {'readonly': True}, - 'unhealthy_resource_count': {'readonly': True}, - 'not_applicable_resource_count': {'readonly': True}, - 'weight': {'readonly': True, 'minimum': 0}, - 'max': {'readonly': True, 'minimum': 0}, - 'current': {'readonly': True, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'display_name': {'required': True}, + 'policy_definition_id': {'readonly': True}, + 'severity': {'required': True}, + 'assessment_type': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'healthy_resource_count': {'key': 'properties.healthyResourceCount', 'type': 'int'}, - 'unhealthy_resource_count': {'key': 'properties.unhealthyResourceCount', 'type': 'int'}, - 'not_applicable_resource_count': {'key': 'properties.notApplicableResourceCount', 'type': 'int'}, - 'weight': {'key': 'properties.weight', 'type': 'long'}, - 'definition': {'key': 'properties.definition', 'type': 'SecureScoreControlDefinitionItem'}, - 'max': {'key': 'properties.score.max', 'type': 'int'}, - 'current': {'key': 'properties.score.current', 'type': 'float'}, - 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, + 'categories': {'key': 'categories', 'type': '[str]'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'user_impact': {'key': 'userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, + 'threats': {'key': 'threats', 'type': '[str]'}, + 'preview': {'key': 'preview', 'type': 'bool'}, + 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, } def __init__( self, **kwargs ): - super(SecureScoreControlDetails, self).__init__(**kwargs) - self.display_name = None - self.healthy_resource_count = None - self.unhealthy_resource_count = None - self.not_applicable_resource_count = None - self.weight = None - self.definition = kwargs.get('definition', None) - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataProperties, self).__init__(**kwargs) + self.display_name = kwargs['display_name'] + self.policy_definition_id = None + self.description = kwargs.get('description', None) + self.remediation_description = kwargs.get('remediation_description', None) + self.categories = kwargs.get('categories', None) + self.severity = kwargs['severity'] + self.user_impact = kwargs.get('user_impact', None) + self.implementation_effort = kwargs.get('implementation_effort', None) + self.threats = kwargs.get('threats', None) + self.preview = kwargs.get('preview', None) + self.assessment_type = kwargs['assessment_type'] + self.partner_data = kwargs.get('partner_data', None) -class SecureScoreControlList(msrest.serialization.Model): - """List of security controls. +class SecurityAssessmentMetadataPropertiesResponse(SecurityAssessmentMetadataProperties): + """Describes properties of an assessment metadata response. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of security controls in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDetails] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param display_name: Required. User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: Required. The severity level of the assessment. Possible values include: + "Low", "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy + definition, Custom if the assessment based on custom Azure Policy definition. Possible values + include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param publish_dates: + :type publish_dates: + ~azure.mgmt.security.models.SecurityAssessmentMetadataPropertiesResponsePublishDates + :param planned_deprecation_date: + :type planned_deprecation_date: str + :param tactics: + :type tactics: list[str or ~azure.mgmt.security.models.Tactics] + :param techniques: + :type techniques: list[str or ~azure.mgmt.security.models.Techniques] """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'display_name': {'required': True}, + 'policy_definition_id': {'readonly': True}, + 'severity': {'required': True}, + 'assessment_type': {'required': True}, + 'planned_deprecation_date': {'pattern': r'^[0-9]{2}/[0-9]{4}$'}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreControlDetails]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, + 'categories': {'key': 'categories', 'type': '[str]'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'user_impact': {'key': 'userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, + 'threats': {'key': 'threats', 'type': '[str]'}, + 'preview': {'key': 'preview', 'type': 'bool'}, + 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'publish_dates': {'key': 'publishDates', 'type': 'SecurityAssessmentMetadataPropertiesResponsePublishDates'}, + 'planned_deprecation_date': {'key': 'plannedDeprecationDate', 'type': 'str'}, + 'tactics': {'key': 'tactics', 'type': '[str]'}, + 'techniques': {'key': 'techniques', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(SecureScoreControlList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(SecurityAssessmentMetadataPropertiesResponse, self).__init__(**kwargs) + self.publish_dates = kwargs.get('publish_dates', None) + self.planned_deprecation_date = kwargs.get('planned_deprecation_date', None) + self.tactics = kwargs.get('tactics', None) + self.techniques = kwargs.get('techniques', None) -class SecureScoreControlScore(msrest.serialization.Model): - """Calculation result data. +class SecurityAssessmentMetadataPropertiesResponsePublishDates(msrest.serialization.Model): + """SecurityAssessmentMetadataPropertiesResponsePublishDates. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar max: Maximum control score (0..10). - :vartype max: int - :ivar current: Actual score for the control = (achieved points / total points) * max score. if - total points is zeroed, the return number is 0.00. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + :param ga: + :type ga: str + :param public: Required. + :type public: str """ _validation = { - 'max': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'current': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'ga': {'pattern': r'^([0-9]{2}/){2}[0-9]{4}$'}, + 'public': {'required': True, 'pattern': r'^([0-9]{2}/){2}[0-9]{4}$'}, } _attribute_map = { - 'max': {'key': 'max', 'type': 'int'}, - 'current': {'key': 'current', 'type': 'float'}, - 'percentage': {'key': 'percentage', 'type': 'float'}, + 'ga': {'key': 'GA', 'type': 'str'}, + 'public': {'key': 'public', 'type': 'str'}, } def __init__( self, **kwargs ): - super(SecureScoreControlScore, self).__init__(**kwargs) - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataPropertiesResponsePublishDates, self).__init__(**kwargs) + self.ga = kwargs.get('ga', None) + self.public = kwargs['public'] -class SecureScoreItem(Resource): - """Secure score item data model. +class SecurityAssessmentMetadataResponse(Resource): + """Security assessment metadata response. Variables are only populated by the server, and will be ignored when sending a request. @@ -7632,29 +8847,54 @@ class SecureScoreItem(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :ivar display_name: The initiative’s name. - :vartype display_name: str - :ivar weight: The relative weight for each subscription. Used when calculating an aggregated - secure score for multiple subscriptions. - :vartype weight: long - :ivar max: Maximum score available. - :vartype max: int - :ivar current: Current score. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + :param display_name: User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: The severity level of the assessment. Possible values include: "Low", + "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, + Custom if the assessment based on custom Azure Policy definition. Possible values include: + "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param publish_dates: + :type publish_dates: + ~azure.mgmt.security.models.SecurityAssessmentMetadataPropertiesResponsePublishDates + :param planned_deprecation_date: + :type planned_deprecation_date: str + :param tactics: + :type tactics: list[str or ~azure.mgmt.security.models.Tactics] + :param techniques: + :type techniques: list[str or ~azure.mgmt.security.models.Techniques] """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'display_name': {'readonly': True}, - 'weight': {'readonly': True, 'minimum': 0}, - 'max': {'readonly': True, 'minimum': 0}, - 'current': {'readonly': True, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'policy_definition_id': {'readonly': True}, + 'planned_deprecation_date': {'pattern': r'^[0-9]{2}/[0-9]{4}$'}, } _attribute_map = { @@ -7662,31 +8902,53 @@ class SecureScoreItem(Resource): 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'weight': {'key': 'properties.weight', 'type': 'long'}, - 'max': {'key': 'properties.score.max', 'type': 'int'}, - 'current': {'key': 'properties.score.current', 'type': 'float'}, - 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, + 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'categories': {'key': 'properties.categories', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'threats': {'key': 'properties.threats', 'type': '[str]'}, + 'preview': {'key': 'properties.preview', 'type': 'bool'}, + 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'publish_dates': {'key': 'properties.publishDates', 'type': 'SecurityAssessmentMetadataPropertiesResponsePublishDates'}, + 'planned_deprecation_date': {'key': 'properties.plannedDeprecationDate', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'techniques': {'key': 'properties.techniques', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(SecureScoreItem, self).__init__(**kwargs) - self.display_name = None - self.weight = None - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataResponse, self).__init__(**kwargs) + self.display_name = kwargs.get('display_name', None) + self.policy_definition_id = None + self.description = kwargs.get('description', None) + self.remediation_description = kwargs.get('remediation_description', None) + self.categories = kwargs.get('categories', None) + self.severity = kwargs.get('severity', None) + self.user_impact = kwargs.get('user_impact', None) + self.implementation_effort = kwargs.get('implementation_effort', None) + self.threats = kwargs.get('threats', None) + self.preview = kwargs.get('preview', None) + self.assessment_type = kwargs.get('assessment_type', None) + self.partner_data = kwargs.get('partner_data', None) + self.publish_dates = kwargs.get('publish_dates', None) + self.planned_deprecation_date = kwargs.get('planned_deprecation_date', None) + self.tactics = kwargs.get('tactics', None) + self.techniques = kwargs.get('techniques', None) -class SecureScoresList(msrest.serialization.Model): - """List of secure scores. +class SecurityAssessmentMetadataResponseList(msrest.serialization.Model): + """List of security assessment metadata. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of secure scores in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreItem] + :ivar value: + :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentMetadataResponse] :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ @@ -7697,7 +8959,7 @@ class SecureScoresList(msrest.serialization.Model): } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreItem]'}, + 'value': {'key': 'value', 'type': '[SecurityAssessmentMetadataResponse]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -7705,28 +8967,52 @@ def __init__( self, **kwargs ): - super(SecureScoresList, self).__init__(**kwargs) + super(SecurityAssessmentMetadataResponseList, self).__init__(**kwargs) self.value = None self.next_link = None -class SecurityAssessment(Resource): - """Security assessment on a resource. +class SecurityAssessmentPartnerData(msrest.serialization.Model): + """Data regarding 3rd party partner integration. + + All required parameters must be populated in order to send to Azure. + + :param partner_name: Required. Name of the company of the partner. + :type partner_name: str + :param secret: Required. secret to authenticate the partner - write only. + :type secret: str + """ + + _validation = { + 'partner_name': {'required': True}, + 'secret': {'required': True}, + } + + _attribute_map = { + 'partner_name': {'key': 'partnerName', 'type': 'str'}, + 'secret': {'key': 'secret', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(SecurityAssessmentPartnerData, self).__init__(**kwargs) + self.partner_name = kwargs['partner_name'] + self.secret = kwargs['secret'] + + +class SecurityAssessmentPropertiesBase(msrest.serialization.Model): + """Describes properties of an assessment. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param resource_details: Details of the resource that was assessed. + All required parameters must be populated in order to send to Azure. + + :param resource_details: Required. Details of the resource that was assessed. :type resource_details: ~azure.mgmt.security.models.ResourceDetails :ivar display_name: User friendly display name of the assessment. :vartype display_name: str - :param status: The result of the assessment. - :type status: ~azure.mgmt.security.models.AssessmentStatus :param additional_data: Additional data regarding the assessment. :type additional_data: dict[str, str] :ivar links: Links relevant to the assessment. @@ -7738,72 +9024,131 @@ class SecurityAssessment(Resource): """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, + 'resource_details': {'required': True}, 'display_name': {'readonly': True}, 'links': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, - 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, - 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, - 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, - 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, } def __init__( self, **kwargs ): - super(SecurityAssessment, self).__init__(**kwargs) - self.resource_details = kwargs.get('resource_details', None) + super(SecurityAssessmentPropertiesBase, self).__init__(**kwargs) + self.resource_details = kwargs['resource_details'] self.display_name = None - self.status = kwargs.get('status', None) self.additional_data = kwargs.get('additional_data', None) self.links = None self.metadata = kwargs.get('metadata', None) self.partners_data = kwargs.get('partners_data', None) -class SecurityAssessmentList(msrest.serialization.Model): - """Page of a security assessments list. +class SecurityAssessmentProperties(SecurityAssessmentPropertiesBase): + """Describes properties of an assessment. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of security assessments in this page. - :vartype value: list[~azure.mgmt.security.models.SecurityAssessment] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param resource_details: Required. Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: Required. The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatus """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, + 'status': {'required': True}, + } + + _attribute_map = { + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'status', 'type': 'AssessmentStatus'}, + } + + def __init__( + self, + **kwargs + ): + super(SecurityAssessmentProperties, self).__init__(**kwargs) + self.status = kwargs['status'] + + +class SecurityAssessmentPropertiesResponse(SecurityAssessmentPropertiesBase): + """Describes properties of an assessment. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param resource_details: Required. Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: Required. The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatusResponse + """ + + _validation = { + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, + 'status': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecurityAssessment]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'status', 'type': 'AssessmentStatusResponse'}, } def __init__( self, **kwargs ): - super(SecurityAssessmentList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(SecurityAssessmentPropertiesResponse, self).__init__(**kwargs) + self.status = kwargs['status'] -class SecurityAssessmentMetadata(Resource): - """Security assessment metadata. +class SecurityAssessmentResponse(Resource): + """Security assessment on a resource - response format. Variables are only populated by the server, and will be ignored when sending a request. @@ -7813,257 +9158,193 @@ class SecurityAssessmentMetadata(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param display_name: User friendly display name of the assessment. - :type display_name: str - :ivar policy_definition_id: Azure resource ID of the policy definition that turns this - assessment calculation on. - :vartype policy_definition_id: str - :param description: Human readable description of the assessment. - :type description: str - :param remediation_description: Human readable description of what you should do to mitigate - this security issue. - :type remediation_description: str - :param categories: - :type categories: list[str or ~azure.mgmt.security.models.Categories] - :param severity: The severity level of the assessment. Possible values include: "Low", - "Medium", "High". - :type severity: str or ~azure.mgmt.security.models.Severity - :param user_impact: The user impact of the assessment. Possible values include: "Low", - "Moderate", "High". - :type user_impact: str or ~azure.mgmt.security.models.UserImpact - :param implementation_effort: The implementation effort required to remediate this assessment. - Possible values include: "Low", "Moderate", "High". - :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort - :param threats: - :type threats: list[str or ~azure.mgmt.security.models.Threats] - :param preview: True if this assessment is in preview release status. - :type preview: bool - :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, - Custom if the assessment based on custom Azure Policy definition. Possible values include: - "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". - :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType - :param partner_data: Describes the partner that created the assessment. - :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param resource_details: Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatusResponse """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'policy_definition_id': {'readonly': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, - 'categories': {'key': 'properties.categories', 'type': '[str]'}, - 'severity': {'key': 'properties.severity', 'type': 'str'}, - 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, - 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, - 'threats': {'key': 'properties.threats', 'type': '[str]'}, - 'preview': {'key': 'properties.preview', 'type': 'bool'}, - 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, - 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatusResponse'}, } def __init__( self, **kwargs ): - super(SecurityAssessmentMetadata, self).__init__(**kwargs) - self.display_name = kwargs.get('display_name', None) - self.policy_definition_id = None - self.description = kwargs.get('description', None) - self.remediation_description = kwargs.get('remediation_description', None) - self.categories = kwargs.get('categories', None) - self.severity = kwargs.get('severity', None) - self.user_impact = kwargs.get('user_impact', None) - self.implementation_effort = kwargs.get('implementation_effort', None) - self.threats = kwargs.get('threats', None) - self.preview = kwargs.get('preview', None) - self.assessment_type = kwargs.get('assessment_type', None) - self.partner_data = kwargs.get('partner_data', None) + super(SecurityAssessmentResponse, self).__init__(**kwargs) + self.resource_details = kwargs.get('resource_details', None) + self.display_name = None + self.additional_data = kwargs.get('additional_data', None) + self.links = None + self.metadata = kwargs.get('metadata', None) + self.partners_data = kwargs.get('partners_data', None) + self.status = kwargs.get('status', None) -class SecurityAssessmentMetadataList(msrest.serialization.Model): - """List of security assessment metadata. +class SecurityConnector(TrackedResource): + """The security connector resource. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: - :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentMetadata] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param tags: A set of tags. A list of key value pairs that describe the resource. + :type tags: dict[str, str] + :param etag: Entity tag is used for comparing two or more entities from the same requested + resource. + :type etag: str + :param kind: Kind of the resource. + :type kind: str + :param location: Location where the resource is stored. + :type location: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param hierarchy_identifier: The multi cloud resource identifier (account id in case of AWS + connector). + :type hierarchy_identifier: str + :param cloud_name: The multi cloud resource's cloud name. Possible values include: "Azure", + "AWS", "GCP". + :type cloud_name: str or ~azure.mgmt.security.models.CloudName + :param offerings: A collection of offerings for the security connector. + :type offerings: list[~azure.mgmt.security.models.CloudOffering] + :param organizational_data: The multi cloud account's organizational data. + :type organizational_data: + ~azure.mgmt.security.models.SecurityConnectorPropertiesOrganizationalData """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecurityAssessmentMetadata]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'hierarchy_identifier': {'key': 'properties.hierarchyIdentifier', 'type': 'str'}, + 'cloud_name': {'key': 'properties.cloudName', 'type': 'str'}, + 'offerings': {'key': 'properties.offerings', 'type': '[CloudOffering]'}, + 'organizational_data': {'key': 'properties.organizationalData', 'type': 'SecurityConnectorPropertiesOrganizationalData'}, } def __init__( self, **kwargs ): - super(SecurityAssessmentMetadataList, self).__init__(**kwargs) - self.value = None - self.next_link = None - + super(SecurityConnector, self).__init__(**kwargs) + self.system_data = None + self.hierarchy_identifier = kwargs.get('hierarchy_identifier', None) + self.cloud_name = kwargs.get('cloud_name', None) + self.offerings = kwargs.get('offerings', None) + self.organizational_data = kwargs.get('organizational_data', None) -class SecurityAssessmentMetadataPartnerData(msrest.serialization.Model): - """Describes the partner that created the assessment. - All required parameters must be populated in order to send to Azure. +class SecurityConnectorPropertiesOrganizationalData(msrest.serialization.Model): + """The multi cloud account's organizational data. - :param partner_name: Required. Name of the company of the partner. - :type partner_name: str - :param product_name: Name of the product of the partner that created the assessment. - :type product_name: str - :param secret: Required. Secret to authenticate the partner and verify it created the - assessment - write only. - :type secret: str + :param organization_membership_type: The multi cloud account's membership type in the + organization. Possible values include: "Member", "Organization". + :type organization_membership_type: str or + ~azure.mgmt.security.models.OrganizationMembershipType + :param parent_hierarchy_id: If the multi cloud account is not of membership type organization, + this will be the ID of the account's parent. + :type parent_hierarchy_id: str + :param stackset_name: If the multi cloud account is of membership type organization, this will + be the name of the onboarding stackset. + :type stackset_name: str + :param excluded_account_ids: If the multi cloud account is of membership type organization, + list of accounts excluded from offering. + :type excluded_account_ids: list[str] """ - _validation = { - 'partner_name': {'required': True}, - 'secret': {'required': True}, - } - _attribute_map = { - 'partner_name': {'key': 'partnerName', 'type': 'str'}, - 'product_name': {'key': 'productName', 'type': 'str'}, - 'secret': {'key': 'secret', 'type': 'str'}, + 'organization_membership_type': {'key': 'organizationMembershipType', 'type': 'str'}, + 'parent_hierarchy_id': {'key': 'parentHierarchyId', 'type': 'str'}, + 'stackset_name': {'key': 'stacksetName', 'type': 'str'}, + 'excluded_account_ids': {'key': 'excludedAccountIds', 'type': '[str]'}, } def __init__( self, **kwargs ): - super(SecurityAssessmentMetadataPartnerData, self).__init__(**kwargs) - self.partner_name = kwargs['partner_name'] - self.product_name = kwargs.get('product_name', None) - self.secret = kwargs['secret'] + super(SecurityConnectorPropertiesOrganizationalData, self).__init__(**kwargs) + self.organization_membership_type = kwargs.get('organization_membership_type', None) + self.parent_hierarchy_id = kwargs.get('parent_hierarchy_id', None) + self.stackset_name = kwargs.get('stackset_name', None) + self.excluded_account_ids = kwargs.get('excluded_account_ids', None) -class SecurityAssessmentMetadataProperties(msrest.serialization.Model): - """Describes properties of an assessment metadata. +class SecurityConnectorsList(msrest.serialization.Model): + """List of security connectors response. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param display_name: Required. User friendly display name of the assessment. - :type display_name: str - :ivar policy_definition_id: Azure resource ID of the policy definition that turns this - assessment calculation on. - :vartype policy_definition_id: str - :param description: Human readable description of the assessment. - :type description: str - :param remediation_description: Human readable description of what you should do to mitigate - this security issue. - :type remediation_description: str - :param categories: - :type categories: list[str or ~azure.mgmt.security.models.Categories] - :param severity: Required. The severity level of the assessment. Possible values include: - "Low", "Medium", "High". - :type severity: str or ~azure.mgmt.security.models.Severity - :param user_impact: The user impact of the assessment. Possible values include: "Low", - "Moderate", "High". - :type user_impact: str or ~azure.mgmt.security.models.UserImpact - :param implementation_effort: The implementation effort required to remediate this assessment. - Possible values include: "Low", "Moderate", "High". - :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort - :param threats: - :type threats: list[str or ~azure.mgmt.security.models.Threats] - :param preview: True if this assessment is in preview release status. - :type preview: bool - :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy - definition, Custom if the assessment based on custom Azure Policy definition. Possible values - include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". - :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType - :param partner_data: Describes the partner that created the assessment. - :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData - """ - - _validation = { - 'display_name': {'required': True}, - 'policy_definition_id': {'readonly': True}, - 'severity': {'required': True}, - 'assessment_type': {'required': True}, - } - - _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, - 'categories': {'key': 'categories', 'type': '[str]'}, - 'severity': {'key': 'severity', 'type': 'str'}, - 'user_impact': {'key': 'userImpact', 'type': 'str'}, - 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, - 'threats': {'key': 'threats', 'type': '[str]'}, - 'preview': {'key': 'preview', 'type': 'bool'}, - 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, - 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, - } - - def __init__( - self, - **kwargs - ): - super(SecurityAssessmentMetadataProperties, self).__init__(**kwargs) - self.display_name = kwargs['display_name'] - self.policy_definition_id = None - self.description = kwargs.get('description', None) - self.remediation_description = kwargs.get('remediation_description', None) - self.categories = kwargs.get('categories', None) - self.severity = kwargs['severity'] - self.user_impact = kwargs.get('user_impact', None) - self.implementation_effort = kwargs.get('implementation_effort', None) - self.threats = kwargs.get('threats', None) - self.preview = kwargs.get('preview', None) - self.assessment_type = kwargs['assessment_type'] - self.partner_data = kwargs.get('partner_data', None) - - -class SecurityAssessmentPartnerData(msrest.serialization.Model): - """Data regarding 3rd party partner integration. - - All required parameters must be populated in order to send to Azure. - - :param partner_name: Required. Name of the company of the partner. - :type partner_name: str - :param secret: Required. secret to authenticate the partner - write only. - :type secret: str + :param value: Required. The list of security connectors under the given scope. + :type value: list[~azure.mgmt.security.models.SecurityConnector] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ _validation = { - 'partner_name': {'required': True}, - 'secret': {'required': True}, + 'value': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'partner_name': {'key': 'partnerName', 'type': 'str'}, - 'secret': {'key': 'secret', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[SecurityConnector]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, **kwargs ): - super(SecurityAssessmentPartnerData, self).__init__(**kwargs) - self.partner_name = kwargs['partner_name'] - self.secret = kwargs['secret'] + super(SecurityConnectorsList, self).__init__(**kwargs) + self.value = kwargs['value'] + self.next_link = None class SecurityContact(Resource): diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py index cc336c5b2ea0..6f90938e54d3 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_models_py3.py @@ -1901,6 +1901,55 @@ def __init__( self.description = description +class AssessmentStatusResponse(AssessmentStatus): + """The result of the assessment. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param code: Required. Programmatic code for the status of the assessment. Possible values + include: "Healthy", "Unhealthy", "NotApplicable". + :type code: str or ~azure.mgmt.security.models.AssessmentStatusCode + :param cause: Programmatic code for the cause of the assessment status. + :type cause: str + :param description: Human readable description of the assessment status. + :type description: str + :ivar first_evaluation_date: The time that the assessment was created and first evaluated. + Returned as UTC time in ISO 8601 format. + :vartype first_evaluation_date: ~datetime.datetime + :ivar status_change_date: The time that the status of the assessment last changed. Returned as + UTC time in ISO 8601 format. + :vartype status_change_date: ~datetime.datetime + """ + + _validation = { + 'code': {'required': True}, + 'first_evaluation_date': {'readonly': True}, + 'status_change_date': {'readonly': True}, + } + + _attribute_map = { + 'code': {'key': 'code', 'type': 'str'}, + 'cause': {'key': 'cause', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'first_evaluation_date': {'key': 'firstEvaluationDate', 'type': 'iso-8601'}, + 'status_change_date': {'key': 'statusChangeDate', 'type': 'iso-8601'}, + } + + def __init__( + self, + *, + code: Union[str, "AssessmentStatusCode"], + cause: Optional[str] = None, + description: Optional[str] = None, + **kwargs + ): + super(AssessmentStatusResponse, self).__init__(code=code, cause=cause, description=description, **kwargs) + self.first_evaluation_date = None + self.status_change_date = None + + class AtaExternalSecuritySolution(ExternalSecuritySolution): """Represents an ATA security solution which sends logs to an OMS workspace. @@ -2513,9 +2562,9 @@ class AutomationSource(msrest.serialization.Model): """The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas. :param event_source: A valid event source type. Possible values include: "Assessments", - "SubAssessments", "Alerts", "SecureScores", "SecureScoresSnapshot", "SecureScoreControls", - "SecureScoreControlsSnapshot", "RegulatoryComplianceAssessment", - "RegulatoryComplianceAssessmentSnapshot". + "AssessmentsSnapshot", "SubAssessments", "SubAssessmentsSnapshot", "Alerts", "SecureScores", + "SecureScoresSnapshot", "SecureScoreControls", "SecureScoreControlsSnapshot", + "RegulatoryComplianceAssessment", "RegulatoryComplianceAssessmentSnapshot". :type event_source: str or ~azure.mgmt.security.models.EventSource :param rule_sets: A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or'). @@ -3181,6 +3230,46 @@ def __init__( self.additional_info = None +class CloudOffering(msrest.serialization.Model): + """The security offering details. + + You probably want to use the sub-classes and not this class directly. Known + sub-classes are: CspmMonitorAwsOffering, DefenderForContainersAwsOffering, DefenderForServersAwsOffering. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + """ + + _validation = { + 'offering_type': {'required': True}, + 'description': {'readonly': True}, + } + + _attribute_map = { + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + } + + _subtype_map = { + 'offering_type': {'CspmMonitorAws': 'CspmMonitorAwsOffering', 'DefenderForContainersAws': 'DefenderForContainersAwsOffering', 'DefenderForServersAWS': 'DefenderForServersAwsOffering'} + } + + def __init__( + self, + **kwargs + ): + super(CloudOffering, self).__init__(**kwargs) + self.offering_type = None # type: Optional[str] + self.description = None + + class Compliance(Resource): """Compliance of a scope. @@ -3734,162 +3823,261 @@ def __init__( self.image_digest = None -class CVE(msrest.serialization.Model): - """CVE details. +class CspmMonitorAwsOffering(CloudOffering): + """The CSPM monitoring for AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. - :ivar title: CVE title. - :vartype title: str - :ivar link: Link url. - :vartype link: str + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + :param native_cloud_connection: The native cloud connection configuration. + :type native_cloud_connection: + ~azure.mgmt.security.models.CspmMonitorAwsOfferingNativeCloudConnection """ _validation = { - 'title': {'readonly': True}, - 'link': {'readonly': True}, + 'offering_type': {'required': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'title': {'key': 'title', 'type': 'str'}, - 'link': {'key': 'link', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'native_cloud_connection': {'key': 'nativeCloudConnection', 'type': 'CspmMonitorAwsOfferingNativeCloudConnection'}, } def __init__( self, + *, + native_cloud_connection: Optional["CspmMonitorAwsOfferingNativeCloudConnection"] = None, **kwargs ): - super(CVE, self).__init__(**kwargs) - self.title = None - self.link = None + super(CspmMonitorAwsOffering, self).__init__(**kwargs) + self.offering_type = 'CspmMonitorAws' # type: str + self.native_cloud_connection = native_cloud_connection -class CVSS(msrest.serialization.Model): - """CVSS details. +class CspmMonitorAwsOfferingNativeCloudConnection(msrest.serialization.Model): + """The native cloud connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, + } + + def __init__( + self, + *, + cloud_role_arn: Optional[str] = None, + **kwargs + ): + super(CspmMonitorAwsOfferingNativeCloudConnection, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn + + +class CustomAssessmentAutomation(Resource): + """Custom Assessment Automation. Variables are only populated by the server, and will be ignored when sending a request. - :ivar base: CVSS base. - :vartype base: float + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param compressed_query: GZip encoded KQL query representing the assessment automation results + required. + :type compressed_query: str + :param supported_cloud: Relevant cloud for the custom assessment automation. Possible values + include: "AWS". + :type supported_cloud: str or ~azure.mgmt.security.models.SupportedCloudEnum + :param severity: The severity to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Medium", "Low". + :type severity: str or ~azure.mgmt.security.models.SeverityEnum + :param user_impact: The user impact to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Moderate", "Low". + :type user_impact: str or ~azure.mgmt.security.models.UserImpactEnum + :param implementation_effort: The implementation effort to relate to the assessments generated + by this assessment automation. Possible values include: "High", "Moderate", "Low". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffortEnum + :param description: The description to relate to the assessments generated by this assessment + automation. + :type description: str + :param remediation_description: The remediation description to relate to the assessments + generated by this assessment automation. + :type remediation_description: str + :param assessment_key: The assessment metadata key used when an assessment is generated for + this assessment automation. + :type assessment_key: str """ _validation = { - 'base': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { - 'base': {'key': 'base', 'type': 'float'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'compressed_query': {'key': 'properties.compressedQuery', 'type': 'str'}, + 'supported_cloud': {'key': 'properties.supportedCloud', 'type': 'str'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'assessment_key': {'key': 'properties.assessmentKey', 'type': 'str'}, } def __init__( self, + *, + compressed_query: Optional[str] = None, + supported_cloud: Optional[Union[str, "SupportedCloudEnum"]] = "AWS", + severity: Optional[Union[str, "SeverityEnum"]] = "Low", + user_impact: Optional[Union[str, "UserImpactEnum"]] = "Low", + implementation_effort: Optional[Union[str, "ImplementationEffortEnum"]] = "Low", + description: Optional[str] = None, + remediation_description: Optional[str] = None, + assessment_key: Optional[str] = None, **kwargs ): - super(CVSS, self).__init__(**kwargs) - self.base = None + super(CustomAssessmentAutomation, self).__init__(**kwargs) + self.system_data = None + self.compressed_query = compressed_query + self.supported_cloud = supported_cloud + self.severity = severity + self.user_impact = user_impact + self.implementation_effort = implementation_effort + self.description = description + self.remediation_description = remediation_description + self.assessment_key = assessment_key -class DataExportSettings(Setting): - """Represents a data export setting. +class CustomAssessmentAutomationRequest(Resource): + """Custom Assessment Automation request. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param kind: Required. the kind of the settings string.Constant filled by server. Possible - values include: "DataExportSettings", "AlertSuppressionSetting", "AlertSyncSettings". - :type kind: str or ~azure.mgmt.security.models.SettingKind - :param enabled: Is the data export setting enabled. - :type enabled: bool + :param compressed_query: Base 64 encoded KQL query representing the assessment automation + results required. + :type compressed_query: str + :param supported_cloud: Relevant cloud for the custom assessment automation. Possible values + include: "AWS". + :type supported_cloud: str or ~azure.mgmt.security.models.SupportedCloudEnum + :param severity: The severity to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Medium", "Low". + :type severity: str or ~azure.mgmt.security.models.SeverityEnum + :param user_impact: The user impact to relate to the assessments generated by this assessment + automation. Possible values include: "High", "Moderate", "Low". + :type user_impact: str or ~azure.mgmt.security.models.UserImpactEnum + :param implementation_effort: The implementation effort to relate to the assessments generated + by this assessment automation. Possible values include: "High", "Moderate", "Low". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffortEnum + :param description: The description to relate to the assessments generated by this assessment + automation. + :type description: str + :param remediation_description: The remediation description to relate to the assessments + generated by this assessment automation. + :type remediation_description: str """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'kind': {'required': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'kind': {'key': 'kind', 'type': 'str'}, - 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, + 'compressed_query': {'key': 'properties.compressedQuery', 'type': 'str'}, + 'supported_cloud': {'key': 'properties.supportedCloud', 'type': 'str'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, } def __init__( self, *, - enabled: Optional[bool] = None, + compressed_query: Optional[str] = None, + supported_cloud: Optional[Union[str, "SupportedCloudEnum"]] = "AWS", + severity: Optional[Union[str, "SeverityEnum"]] = "Low", + user_impact: Optional[Union[str, "UserImpactEnum"]] = "Low", + implementation_effort: Optional[Union[str, "ImplementationEffortEnum"]] = "Low", + description: Optional[str] = None, + remediation_description: Optional[str] = None, **kwargs ): - super(DataExportSettings, self).__init__(**kwargs) - self.kind = 'DataExportSettings' # type: str - self.enabled = enabled + super(CustomAssessmentAutomationRequest, self).__init__(**kwargs) + self.compressed_query = compressed_query + self.supported_cloud = supported_cloud + self.severity = severity + self.user_impact = user_impact + self.implementation_effort = implementation_effort + self.description = description + self.remediation_description = remediation_description -class DenylistCustomAlertRule(ListCustomAlertRule): - """A custom alert rule that checks if a value (depends on the custom alert type) is denied. +class CustomAssessmentAutomationsListResult(msrest.serialization.Model): + """A list of Custom Assessment Automations. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", - "String". - :vartype value_type: str or ~azure.mgmt.security.models.ValueType - :param denylist_values: Required. The values to deny. The format of the values depends on the - rule type. - :type denylist_values: list[str] + :ivar value: Collection of Custom Assessment Automations. + :vartype value: list[~azure.mgmt.security.models.CustomAssessmentAutomation] + :param next_link: The link used to get the next page of operations. + :type next_link: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'value_type': {'readonly': True}, - 'denylist_values': {'required': True}, + 'value': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'value_type': {'key': 'valueType', 'type': 'str'}, - 'denylist_values': {'key': 'denylistValues', 'type': '[str]'}, + 'value': {'key': 'value', 'type': '[CustomAssessmentAutomation]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, *, - is_enabled: bool, - denylist_values: List[str], + next_link: Optional[str] = None, **kwargs ): - super(DenylistCustomAlertRule, self).__init__(is_enabled=is_enabled, **kwargs) - self.rule_type = 'DenylistCustomAlertRule' # type: str - self.denylist_values = denylist_values + super(CustomAssessmentAutomationsListResult, self).__init__(**kwargs) + self.value = None + self.next_link = next_link -class DeviceSecurityGroup(Resource): - """The device security group resource. +class CustomEntityStoreAssignment(Resource): + """Custom entity store assignment. Variables are only populated by the server, and will be ignored when sending a request. @@ -3899,383 +4087,466 @@ class DeviceSecurityGroup(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param threshold_rules: The list of custom alert threshold rules. - :type threshold_rules: list[~azure.mgmt.security.models.ThresholdCustomAlertRule] - :param time_window_rules: The list of custom alert time-window rules. - :type time_window_rules: list[~azure.mgmt.security.models.TimeWindowCustomAlertRule] - :param allowlist_rules: The allow-list custom alert rules. - :type allowlist_rules: list[~azure.mgmt.security.models.AllowlistCustomAlertRule] - :param denylist_rules: The deny-list custom alert rules. - :type denylist_rules: list[~azure.mgmt.security.models.DenylistCustomAlertRule] + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param principal: The principal assigned with entity store. Format of principal is: [AAD + type]=[PrincipalObjectId];[TenantId]. + :type principal: str + :param entity_store_database_link: The link to entity store database. + :type entity_store_database_link: str """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'threshold_rules': {'key': 'properties.thresholdRules', 'type': '[ThresholdCustomAlertRule]'}, - 'time_window_rules': {'key': 'properties.timeWindowRules', 'type': '[TimeWindowCustomAlertRule]'}, - 'allowlist_rules': {'key': 'properties.allowlistRules', 'type': '[AllowlistCustomAlertRule]'}, - 'denylist_rules': {'key': 'properties.denylistRules', 'type': '[DenylistCustomAlertRule]'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'principal': {'key': 'properties.principal', 'type': 'str'}, + 'entity_store_database_link': {'key': 'properties.entityStoreDatabaseLink', 'type': 'str'}, } def __init__( self, *, - threshold_rules: Optional[List["ThresholdCustomAlertRule"]] = None, - time_window_rules: Optional[List["TimeWindowCustomAlertRule"]] = None, - allowlist_rules: Optional[List["AllowlistCustomAlertRule"]] = None, - denylist_rules: Optional[List["DenylistCustomAlertRule"]] = None, + principal: Optional[str] = None, + entity_store_database_link: Optional[str] = None, **kwargs ): - super(DeviceSecurityGroup, self).__init__(**kwargs) - self.threshold_rules = threshold_rules - self.time_window_rules = time_window_rules - self.allowlist_rules = allowlist_rules - self.denylist_rules = denylist_rules - + super(CustomEntityStoreAssignment, self).__init__(**kwargs) + self.system_data = None + self.principal = principal + self.entity_store_database_link = entity_store_database_link -class DeviceSecurityGroupList(msrest.serialization.Model): - """List of device security groups. - Variables are only populated by the server, and will be ignored when sending a request. +class CustomEntityStoreAssignmentRequest(msrest.serialization.Model): + """describes the custom entity store assignment request. - :param value: List of device security group objects. - :type value: list[~azure.mgmt.security.models.DeviceSecurityGroup] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param principal: The principal assigned with entity store. If not provided, will use caller + principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]. + :type principal: str """ - _validation = { - 'next_link': {'readonly': True}, - } - _attribute_map = { - 'value': {'key': 'value', 'type': '[DeviceSecurityGroup]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'principal': {'key': 'properties.principal', 'type': 'str'}, } def __init__( self, *, - value: Optional[List["DeviceSecurityGroup"]] = None, + principal: Optional[str] = None, **kwargs ): - super(DeviceSecurityGroupList, self).__init__(**kwargs) - self.value = value - self.next_link = None + super(CustomEntityStoreAssignmentRequest, self).__init__(**kwargs) + self.principal = principal -class DirectMethodInvokesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of direct method invokes is not in allowed range. +class CustomEntityStoreAssignmentsListResult(msrest.serialization.Model): + """A list of custom entity store assignments. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar value: Collection of custom entity store assignments. + :vartype value: list[~azure.mgmt.security.models.CustomEntityStoreAssignment] + :param next_link: The link used to get the next page of operations. + :type next_link: str """ _validation = { - 'display_name': {'readonly': True}, - 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'value': {'readonly': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'value': {'key': 'value', 'type': '[CustomEntityStoreAssignment]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, *, - is_enabled: bool, - min_threshold: int, - max_threshold: int, - time_window_size: datetime.timedelta, + next_link: Optional[str] = None, **kwargs ): - super(DirectMethodInvokesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'DirectMethodInvokesNotInAllowedRange' # type: str + super(CustomEntityStoreAssignmentsListResult, self).__init__(**kwargs) + self.value = None + self.next_link = next_link -class DiscoveredSecuritySolution(Resource, Location): - """DiscoveredSecuritySolution. +class CVE(msrest.serialization.Model): + """CVE details. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar title: CVE title. + :vartype title: str + :ivar link: Link url. + :vartype link: str + """ + + _validation = { + 'title': {'readonly': True}, + 'link': {'readonly': True}, + } + + _attribute_map = { + 'title': {'key': 'title', 'type': 'str'}, + 'link': {'key': 'link', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(CVE, self).__init__(**kwargs) + self.title = None + self.link = None + + +class CVSS(msrest.serialization.Model): + """CVSS details. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar base: CVSS base. + :vartype base: float + """ + + _validation = { + 'base': {'readonly': True}, + } + + _attribute_map = { + 'base': {'key': 'base', 'type': 'float'}, + } + + def __init__( + self, + **kwargs + ): + super(CVSS, self).__init__(**kwargs) + self.base = None + + +class DataExportSettings(Setting): + """Represents a data export setting. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar location: Location where the resource is stored. - :vartype location: str :ivar id: Resource Id. :vartype id: str :ivar name: Resource name. :vartype name: str :ivar type: Resource type. :vartype type: str - :param security_family: Required. The security family of the discovered solution. Possible - values include: "Waf", "Ngfw", "SaasWaf", "Va". - :type security_family: str or ~azure.mgmt.security.models.SecurityFamily - :param offer: Required. The security solutions' image offer. - :type offer: str - :param publisher: Required. The security solutions' image publisher. - :type publisher: str - :param sku: Required. The security solutions' image sku. - :type sku: str + :param kind: Required. the kind of the settings string.Constant filled by server. Possible + values include: "DataExportSettings", "AlertSuppressionSetting", "AlertSyncSettings". + :type kind: str or ~azure.mgmt.security.models.SettingKind + :param enabled: Is the data export setting enabled. + :type enabled: bool """ _validation = { - 'location': {'readonly': True}, 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'security_family': {'required': True}, - 'offer': {'required': True}, - 'publisher': {'required': True}, - 'sku': {'required': True}, + 'kind': {'required': True}, } _attribute_map = { - 'location': {'key': 'location', 'type': 'str'}, 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'security_family': {'key': 'properties.securityFamily', 'type': 'str'}, - 'offer': {'key': 'properties.offer', 'type': 'str'}, - 'publisher': {'key': 'properties.publisher', 'type': 'str'}, - 'sku': {'key': 'properties.sku', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'enabled': {'key': 'properties.enabled', 'type': 'bool'}, } def __init__( self, *, - security_family: Union[str, "SecurityFamily"], - offer: str, - publisher: str, - sku: str, + enabled: Optional[bool] = None, **kwargs ): - super(DiscoveredSecuritySolution, self).__init__(**kwargs) - self.location = None - self.security_family = security_family - self.offer = offer - self.publisher = publisher - self.sku = sku - self.id = None - self.name = None - self.type = None - self.security_family = security_family - self.offer = offer - self.publisher = publisher - self.sku = sku + super(DataExportSettings, self).__init__(**kwargs) + self.kind = 'DataExportSettings' # type: str + self.enabled = enabled -class DiscoveredSecuritySolutionList(msrest.serialization.Model): - """DiscoveredSecuritySolutionList. +class DefenderForContainersAwsOffering(CloudOffering): + """The Defender for Containers AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. - :param value: - :type value: list[~azure.mgmt.security.models.DiscoveredSecuritySolution] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. + :vartype description: str + :param kubernetes_service: The kubernetes service connection configuration. + :type kubernetes_service: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKubernetesService + :param kubernetes_scuba_reader: The kubernetes to scuba connection configuration. + :type kubernetes_scuba_reader: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKubernetesScubaReader + :param cloud_watch_to_kinesis: The cloudwatch to kinesis connection configuration. + :type cloud_watch_to_kinesis: + ~azure.mgmt.security.models.DefenderForContainersAwsOfferingCloudWatchToKinesis + :param kinesis_to_s3: The kinesis to s3 connection configuration. + :type kinesis_to_s3: ~azure.mgmt.security.models.DefenderForContainersAwsOfferingKinesisToS3 """ _validation = { - 'next_link': {'readonly': True}, + 'offering_type': {'required': True}, + 'description': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[DiscoveredSecuritySolution]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'kubernetes_service': {'key': 'kubernetesService', 'type': 'DefenderForContainersAwsOfferingKubernetesService'}, + 'kubernetes_scuba_reader': {'key': 'kubernetesScubaReader', 'type': 'DefenderForContainersAwsOfferingKubernetesScubaReader'}, + 'cloud_watch_to_kinesis': {'key': 'cloudWatchToKinesis', 'type': 'DefenderForContainersAwsOfferingCloudWatchToKinesis'}, + 'kinesis_to_s3': {'key': 'kinesisToS3', 'type': 'DefenderForContainersAwsOfferingKinesisToS3'}, } def __init__( self, *, - value: Optional[List["DiscoveredSecuritySolution"]] = None, + kubernetes_service: Optional["DefenderForContainersAwsOfferingKubernetesService"] = None, + kubernetes_scuba_reader: Optional["DefenderForContainersAwsOfferingKubernetesScubaReader"] = None, + cloud_watch_to_kinesis: Optional["DefenderForContainersAwsOfferingCloudWatchToKinesis"] = None, + kinesis_to_s3: Optional["DefenderForContainersAwsOfferingKinesisToS3"] = None, **kwargs ): - super(DiscoveredSecuritySolutionList, self).__init__(**kwargs) - self.value = value - self.next_link = None + super(DefenderForContainersAwsOffering, self).__init__(**kwargs) + self.offering_type = 'DefenderForContainersAws' # type: str + self.kubernetes_service = kubernetes_service + self.kubernetes_scuba_reader = kubernetes_scuba_reader + self.cloud_watch_to_kinesis = cloud_watch_to_kinesis + self.kinesis_to_s3 = kinesis_to_s3 -class EffectiveNetworkSecurityGroups(msrest.serialization.Model): - """Describes the Network Security Groups effective on a network interface. +class DefenderForContainersAwsOfferingCloudWatchToKinesis(msrest.serialization.Model): + """The cloudwatch to kinesis connection configuration. - :param network_interface: The Azure resource ID of the network interface. - :type network_interface: str - :param network_security_groups: The Network Security Groups effective on the network interface. - :type network_security_groups: list[str] + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str """ _attribute_map = { - 'network_interface': {'key': 'networkInterface', 'type': 'str'}, - 'network_security_groups': {'key': 'networkSecurityGroups', 'type': '[str]'}, + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } def __init__( self, *, - network_interface: Optional[str] = None, - network_security_groups: Optional[List[str]] = None, + cloud_role_arn: Optional[str] = None, **kwargs ): - super(EffectiveNetworkSecurityGroups, self).__init__(**kwargs) - self.network_interface = network_interface - self.network_security_groups = network_security_groups + super(DefenderForContainersAwsOfferingCloudWatchToKinesis, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn -class ErrorAdditionalInfo(msrest.serialization.Model): - """The resource management error additional info. - - Variables are only populated by the server, and will be ignored when sending a request. +class DefenderForContainersAwsOfferingKinesisToS3(msrest.serialization.Model): + """The kinesis to s3 connection configuration. - :ivar type: The additional info type. - :vartype type: str - :ivar info: The additional info. - :vartype info: any + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str """ - _validation = { - 'type': {'readonly': True}, - 'info': {'readonly': True}, - } - _attribute_map = { - 'type': {'key': 'type', 'type': 'str'}, - 'info': {'key': 'info', 'type': 'object'}, + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } def __init__( self, + *, + cloud_role_arn: Optional[str] = None, **kwargs ): - super(ErrorAdditionalInfo, self).__init__(**kwargs) - self.type = None - self.info = None - + super(DefenderForContainersAwsOfferingKinesisToS3, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn -class ExternalSecuritySolutionList(msrest.serialization.Model): - """ExternalSecuritySolutionList. - Variables are only populated by the server, and will be ignored when sending a request. +class DefenderForContainersAwsOfferingKubernetesScubaReader(msrest.serialization.Model): + """The kubernetes to scuba connection configuration. - :param value: - :type value: list[~azure.mgmt.security.models.ExternalSecuritySolution] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str """ - _validation = { - 'next_link': {'readonly': True}, + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } + def __init__( + self, + *, + cloud_role_arn: Optional[str] = None, + **kwargs + ): + super(DefenderForContainersAwsOfferingKubernetesScubaReader, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn + + +class DefenderForContainersAwsOfferingKubernetesService(msrest.serialization.Model): + """The kubernetes service connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + _attribute_map = { - 'value': {'key': 'value', 'type': '[ExternalSecuritySolution]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, } def __init__( self, *, - value: Optional[List["ExternalSecuritySolution"]] = None, + cloud_role_arn: Optional[str] = None, **kwargs ): - super(ExternalSecuritySolutionList, self).__init__(**kwargs) - self.value = value - self.next_link = None + super(DefenderForContainersAwsOfferingKubernetesService, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn -class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of failed local logins is not in allowed range. +class DefenderForServersAwsOffering(CloudOffering): + """The Defender for Servers AWS offering configurations. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. + :param offering_type: Required. The type of the security offering.Constant filled by server. + Possible values include: "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws". + :type offering_type: str or ~azure.mgmt.security.models.OfferingType + :ivar description: The offering description. :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. - :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :param defender_for_servers: The Defender for servers connection configuration. + :type defender_for_servers: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingDefenderForServers + :param arc_auto_provisioning: The ARC autoprovisioning configuration. + :type arc_auto_provisioning: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingArcAutoProvisioning """ _validation = { - 'display_name': {'readonly': True}, + 'offering_type': {'required': True}, 'description': {'readonly': True}, - 'is_enabled': {'required': True}, - 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, } _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, + 'offering_type': {'key': 'offeringType', 'type': 'str'}, 'description': {'key': 'description', 'type': 'str'}, - 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, - 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'defender_for_servers': {'key': 'defenderForServers', 'type': 'DefenderForServersAwsOfferingDefenderForServers'}, + 'arc_auto_provisioning': {'key': 'arcAutoProvisioning', 'type': 'DefenderForServersAwsOfferingArcAutoProvisioning'}, } def __init__( self, *, - is_enabled: bool, - min_threshold: int, - max_threshold: int, - time_window_size: datetime.timedelta, + defender_for_servers: Optional["DefenderForServersAwsOfferingDefenderForServers"] = None, + arc_auto_provisioning: Optional["DefenderForServersAwsOfferingArcAutoProvisioning"] = None, **kwargs ): - super(FailedLocalLoginsNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'FailedLocalLoginsNotInAllowedRange' # type: str + super(DefenderForServersAwsOffering, self).__init__(**kwargs) + self.offering_type = 'DefenderForServersAWS' # type: str + self.defender_for_servers = defender_for_servers + self.arc_auto_provisioning = arc_auto_provisioning -class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of file uploads is not in allowed range. +class DefenderForServersAwsOfferingArcAutoProvisioning(msrest.serialization.Model): + """The ARC autoprovisioning configuration. + + :param enabled: Is arc auto provisioning enabled. + :type enabled: bool + :param service_principal_secret_metadata: Metadata of Service Principal secret for + autoprovisioning. + :type service_principal_secret_metadata: + ~azure.mgmt.security.models.DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata + """ + + _attribute_map = { + 'enabled': {'key': 'enabled', 'type': 'bool'}, + 'service_principal_secret_metadata': {'key': 'servicePrincipalSecretMetadata', 'type': 'DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata'}, + } + + def __init__( + self, + *, + enabled: Optional[bool] = None, + service_principal_secret_metadata: Optional["DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata"] = None, + **kwargs + ): + super(DefenderForServersAwsOfferingArcAutoProvisioning, self).__init__(**kwargs) + self.enabled = enabled + self.service_principal_secret_metadata = service_principal_secret_metadata + + +class DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata(msrest.serialization.Model): + """Metadata of Service Principal secret for autoprovisioning. + + :param expiry_date: expiration date of service principal secret. + :type expiry_date: str + :param parameter_store_region: region of parameter store where secret is kept. + :type parameter_store_region: str + :param parameter_name_in_store: name of secret resource in parameter store. + :type parameter_name_in_store: str + """ + + _attribute_map = { + 'expiry_date': {'key': 'expiryDate', 'type': 'str'}, + 'parameter_store_region': {'key': 'parameterStoreRegion', 'type': 'str'}, + 'parameter_name_in_store': {'key': 'parameterNameInStore', 'type': 'str'}, + } + + def __init__( + self, + *, + expiry_date: Optional[str] = None, + parameter_store_region: Optional[str] = None, + parameter_name_in_store: Optional[str] = None, + **kwargs + ): + super(DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata, self).__init__(**kwargs) + self.expiry_date = expiry_date + self.parameter_store_region = parameter_store_region + self.parameter_name_in_store = parameter_name_in_store + + +class DefenderForServersAwsOfferingDefenderForServers(msrest.serialization.Model): + """The Defender for servers connection configuration. + + :param cloud_role_arn: The cloud role ARN in AWS for this feature. + :type cloud_role_arn: str + """ + + _attribute_map = { + 'cloud_role_arn': {'key': 'cloudRoleArn', 'type': 'str'}, + } + + def __init__( + self, + *, + cloud_role_arn: Optional[str] = None, + **kwargs + ): + super(DefenderForServersAwsOfferingDefenderForServers, self).__init__(**kwargs) + self.cloud_role_arn = cloud_role_arn + + +class DenylistCustomAlertRule(ListCustomAlertRule): + """A custom alert rule that checks if a value (depends on the custom alert type) is denied. Variables are only populated by the server, and will be ignored when sending a request. @@ -4289,12 +4560,12 @@ class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): :type is_enabled: bool :param rule_type: Required. The type of the custom alert rule.Constant filled by server. :type rule_type: str - :param min_threshold: Required. The minimum threshold. - :type min_threshold: int - :param max_threshold: Required. The maximum threshold. - :type max_threshold: int - :param time_window_size: Required. The time window size in iso8601 format. - :type time_window_size: ~datetime.timedelta + :ivar value_type: The value type of the items in the list. Possible values include: "IpCidr", + "String". + :vartype value_type: str or ~azure.mgmt.security.models.ValueType + :param denylist_values: Required. The values to deny. The format of the values depends on the + rule type. + :type denylist_values: list[str] """ _validation = { @@ -4302,9 +4573,8 @@ class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): 'description': {'readonly': True}, 'is_enabled': {'required': True}, 'rule_type': {'required': True}, - 'min_threshold': {'required': True}, - 'max_threshold': {'required': True}, - 'time_window_size': {'required': True}, + 'value_type': {'readonly': True}, + 'denylist_values': {'required': True}, } _attribute_map = { @@ -4312,134 +4582,108 @@ class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): 'description': {'key': 'description', 'type': 'str'}, 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, 'rule_type': {'key': 'ruleType', 'type': 'str'}, - 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, - 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, - 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + 'value_type': {'key': 'valueType', 'type': 'str'}, + 'denylist_values': {'key': 'denylistValues', 'type': '[str]'}, } def __init__( self, *, is_enabled: bool, - min_threshold: int, - max_threshold: int, - time_window_size: datetime.timedelta, + denylist_values: List[str], **kwargs ): - super(FileUploadsNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'FileUploadsNotInAllowedRange' # type: str + super(DenylistCustomAlertRule, self).__init__(is_enabled=is_enabled, **kwargs) + self.rule_type = 'DenylistCustomAlertRule' # type: str + self.denylist_values = denylist_values -class GcpCredentialsDetailsProperties(AuthenticationDetailsProperties): - """GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only). +class DeviceSecurityGroup(Resource): + """The device security group resource. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar authentication_provisioning_state: State of the multi-cloud connector. Possible values - include: "Valid", "Invalid", "Expired", "IncorrectPolicy". - :vartype authentication_provisioning_state: str or - ~azure.mgmt.security.models.AuthenticationProvisioningState - :ivar granted_permissions: The permissions detected in the cloud account. - :vartype granted_permissions: list[str or ~azure.mgmt.security.models.PermissionProperty] - :param authentication_type: Required. Connect to your cloud account, for AWS use either account - credentials or role-based authentication. For GCP use account organization credentials.Constant - filled by server. Possible values include: "awsCreds", "awsAssumeRole", "gcpCredentials". - :type authentication_type: str or ~azure.mgmt.security.models.AuthenticationType - :param organization_id: Required. The organization ID of the GCP cloud account. - :type organization_id: str - :param type: Required. Type field of the API key (write only). - :type type: str - :param project_id: Required. Project ID field of the API key (write only). - :type project_id: str - :param private_key_id: Required. Private key ID field of the API key (write only). - :type private_key_id: str - :param private_key: Required. Private key field of the API key (write only). - :type private_key: str - :param client_email: Required. Client email field of the API key (write only). - :type client_email: str - :param client_id: Required. Client ID field of the API key (write only). - :type client_id: str - :param auth_uri: Required. Auth URI field of the API key (write only). - :type auth_uri: str - :param token_uri: Required. Token URI field of the API key (write only). - :type token_uri: str - :param auth_provider_x509_cert_url: Required. Auth provider x509 certificate URL field of the - API key (write only). - :type auth_provider_x509_cert_url: str - :param client_x509_cert_url: Required. Client x509 certificate URL field of the API key (write - only). - :type client_x509_cert_url: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param threshold_rules: The list of custom alert threshold rules. + :type threshold_rules: list[~azure.mgmt.security.models.ThresholdCustomAlertRule] + :param time_window_rules: The list of custom alert time-window rules. + :type time_window_rules: list[~azure.mgmt.security.models.TimeWindowCustomAlertRule] + :param allowlist_rules: The allow-list custom alert rules. + :type allowlist_rules: list[~azure.mgmt.security.models.AllowlistCustomAlertRule] + :param denylist_rules: The deny-list custom alert rules. + :type denylist_rules: list[~azure.mgmt.security.models.DenylistCustomAlertRule] """ _validation = { - 'authentication_provisioning_state': {'readonly': True}, - 'granted_permissions': {'readonly': True}, - 'authentication_type': {'required': True}, - 'organization_id': {'required': True}, - 'type': {'required': True}, - 'project_id': {'required': True}, - 'private_key_id': {'required': True}, - 'private_key': {'required': True}, - 'client_email': {'required': True}, - 'client_id': {'required': True}, - 'auth_uri': {'required': True}, - 'token_uri': {'required': True}, - 'auth_provider_x509_cert_url': {'required': True}, - 'client_x509_cert_url': {'required': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, } _attribute_map = { - 'authentication_provisioning_state': {'key': 'authenticationProvisioningState', 'type': 'str'}, - 'granted_permissions': {'key': 'grantedPermissions', 'type': '[str]'}, - 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, - 'organization_id': {'key': 'organizationId', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'project_id': {'key': 'projectId', 'type': 'str'}, - 'private_key_id': {'key': 'privateKeyId', 'type': 'str'}, - 'private_key': {'key': 'privateKey', 'type': 'str'}, - 'client_email': {'key': 'clientEmail', 'type': 'str'}, - 'client_id': {'key': 'clientId', 'type': 'str'}, - 'auth_uri': {'key': 'authUri', 'type': 'str'}, - 'token_uri': {'key': 'tokenUri', 'type': 'str'}, - 'auth_provider_x509_cert_url': {'key': 'authProviderX509CertUrl', 'type': 'str'}, - 'client_x509_cert_url': {'key': 'clientX509CertUrl', 'type': 'str'}, + 'threshold_rules': {'key': 'properties.thresholdRules', 'type': '[ThresholdCustomAlertRule]'}, + 'time_window_rules': {'key': 'properties.timeWindowRules', 'type': '[TimeWindowCustomAlertRule]'}, + 'allowlist_rules': {'key': 'properties.allowlistRules', 'type': '[AllowlistCustomAlertRule]'}, + 'denylist_rules': {'key': 'properties.denylistRules', 'type': '[DenylistCustomAlertRule]'}, } def __init__( self, *, - organization_id: str, - type: str, - project_id: str, - private_key_id: str, - private_key: str, - client_email: str, - client_id: str, - auth_uri: str, - token_uri: str, - auth_provider_x509_cert_url: str, - client_x509_cert_url: str, + threshold_rules: Optional[List["ThresholdCustomAlertRule"]] = None, + time_window_rules: Optional[List["TimeWindowCustomAlertRule"]] = None, + allowlist_rules: Optional[List["AllowlistCustomAlertRule"]] = None, + denylist_rules: Optional[List["DenylistCustomAlertRule"]] = None, **kwargs ): - super(GcpCredentialsDetailsProperties, self).__init__(**kwargs) - self.authentication_type = 'gcpCredentials' # type: str - self.organization_id = organization_id - self.type = type - self.project_id = project_id - self.private_key_id = private_key_id - self.private_key = private_key - self.client_email = client_email - self.client_id = client_id - self.auth_uri = auth_uri - self.token_uri = token_uri - self.auth_provider_x509_cert_url = auth_provider_x509_cert_url - self.client_x509_cert_url = client_x509_cert_url + super(DeviceSecurityGroup, self).__init__(**kwargs) + self.threshold_rules = threshold_rules + self.time_window_rules = time_window_rules + self.allowlist_rules = allowlist_rules + self.denylist_rules = denylist_rules -class HttpC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of cloud to device messages (HTTP protocol) is not in allowed range. +class DeviceSecurityGroupList(msrest.serialization.Model): + """List of device security groups. + + Variables are only populated by the server, and will be ignored when sending a request. + + :param value: List of device security group objects. + :type value: list[~azure.mgmt.security.models.DeviceSecurityGroup] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[DeviceSecurityGroup]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + *, + value: Optional[List["DeviceSecurityGroup"]] = None, + **kwargs + ): + super(DeviceSecurityGroupList, self).__init__(**kwargs) + self.value = value + self.next_link = None + + +class DirectMethodInvokesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of direct method invokes is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. @@ -4490,24 +4734,214 @@ def __init__( time_window_size: datetime.timedelta, **kwargs ): - super(HttpC2DMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'HttpC2DMessagesNotInAllowedRange' # type: str + super(DirectMethodInvokesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'DirectMethodInvokesNotInAllowedRange' # type: str -class HttpC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of rejected cloud to device messages (HTTP protocol) is not in allowed range. +class DiscoveredSecuritySolution(Resource, Location): + """DiscoveredSecuritySolution. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar display_name: The display name of the custom alert. - :vartype display_name: str - :ivar description: The description of the custom alert. - :vartype description: str - :param is_enabled: Required. Status of the custom alert. - :type is_enabled: bool - :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :ivar location: Location where the resource is stored. + :vartype location: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param security_family: Required. The security family of the discovered solution. Possible + values include: "Waf", "Ngfw", "SaasWaf", "Va". + :type security_family: str or ~azure.mgmt.security.models.SecurityFamily + :param offer: Required. The security solutions' image offer. + :type offer: str + :param publisher: Required. The security solutions' image publisher. + :type publisher: str + :param sku: Required. The security solutions' image sku. + :type sku: str + """ + + _validation = { + 'location': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'security_family': {'required': True}, + 'offer': {'required': True}, + 'publisher': {'required': True}, + 'sku': {'required': True}, + } + + _attribute_map = { + 'location': {'key': 'location', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'security_family': {'key': 'properties.securityFamily', 'type': 'str'}, + 'offer': {'key': 'properties.offer', 'type': 'str'}, + 'publisher': {'key': 'properties.publisher', 'type': 'str'}, + 'sku': {'key': 'properties.sku', 'type': 'str'}, + } + + def __init__( + self, + *, + security_family: Union[str, "SecurityFamily"], + offer: str, + publisher: str, + sku: str, + **kwargs + ): + super(DiscoveredSecuritySolution, self).__init__(**kwargs) + self.location = None + self.security_family = security_family + self.offer = offer + self.publisher = publisher + self.sku = sku + self.id = None + self.name = None + self.type = None + self.security_family = security_family + self.offer = offer + self.publisher = publisher + self.sku = sku + + +class DiscoveredSecuritySolutionList(msrest.serialization.Model): + """DiscoveredSecuritySolutionList. + + Variables are only populated by the server, and will be ignored when sending a request. + + :param value: + :type value: list[~azure.mgmt.security.models.DiscoveredSecuritySolution] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[DiscoveredSecuritySolution]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + *, + value: Optional[List["DiscoveredSecuritySolution"]] = None, + **kwargs + ): + super(DiscoveredSecuritySolutionList, self).__init__(**kwargs) + self.value = value + self.next_link = None + + +class EffectiveNetworkSecurityGroups(msrest.serialization.Model): + """Describes the Network Security Groups effective on a network interface. + + :param network_interface: The Azure resource ID of the network interface. + :type network_interface: str + :param network_security_groups: The Network Security Groups effective on the network interface. + :type network_security_groups: list[str] + """ + + _attribute_map = { + 'network_interface': {'key': 'networkInterface', 'type': 'str'}, + 'network_security_groups': {'key': 'networkSecurityGroups', 'type': '[str]'}, + } + + def __init__( + self, + *, + network_interface: Optional[str] = None, + network_security_groups: Optional[List[str]] = None, + **kwargs + ): + super(EffectiveNetworkSecurityGroups, self).__init__(**kwargs) + self.network_interface = network_interface + self.network_security_groups = network_security_groups + + +class ErrorAdditionalInfo(msrest.serialization.Model): + """The resource management error additional info. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar type: The additional info type. + :vartype type: str + :ivar info: The additional info. + :vartype info: any + """ + + _validation = { + 'type': {'readonly': True}, + 'info': {'readonly': True}, + } + + _attribute_map = { + 'type': {'key': 'type', 'type': 'str'}, + 'info': {'key': 'info', 'type': 'object'}, + } + + def __init__( + self, + **kwargs + ): + super(ErrorAdditionalInfo, self).__init__(**kwargs) + self.type = None + self.info = None + + +class ExternalSecuritySolutionList(msrest.serialization.Model): + """ExternalSecuritySolutionList. + + Variables are only populated by the server, and will be ignored when sending a request. + + :param value: + :type value: list[~azure.mgmt.security.models.ExternalSecuritySolution] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[ExternalSecuritySolution]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + *, + value: Optional[List["ExternalSecuritySolution"]] = None, + **kwargs + ): + super(ExternalSecuritySolutionList, self).__init__(**kwargs) + self.value = value + self.next_link = None + + +class FailedLocalLoginsNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of failed local logins is not in allowed range. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. :type rule_type: str :param min_threshold: Required. The minimum threshold. :type min_threshold: int @@ -4546,12 +4980,12 @@ def __init__( time_window_size: datetime.timedelta, **kwargs ): - super(HttpC2DRejectedMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'HttpC2DRejectedMessagesNotInAllowedRange' # type: str + super(FailedLocalLoginsNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'FailedLocalLoginsNotInAllowedRange' # type: str -class HttpD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): - """Number of device to cloud messages (HTTP protocol) is not in allowed range. +class FileUploadsNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of file uploads is not in allowed range. Variables are only populated by the server, and will be ignored when sending a request. @@ -4602,60 +5036,336 @@ def __init__( time_window_size: datetime.timedelta, **kwargs ): - super(HttpD2CMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) - self.rule_type = 'HttpD2CMessagesNotInAllowedRange' # type: str + super(FileUploadsNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'FileUploadsNotInAllowedRange' # type: str -class HybridComputeSettingsProperties(msrest.serialization.Model): - """Settings for hybrid compute management. +class GcpCredentialsDetailsProperties(AuthenticationDetailsProperties): + """GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only). Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar hybrid_compute_provisioning_state: State of the service principal and its secret. - Possible values include: "Valid", "Invalid", "Expired". - :vartype hybrid_compute_provisioning_state: str or - ~azure.mgmt.security.models.HybridComputeProvisioningState - :param auto_provision: Required. Whether or not to automatically install Azure Arc (hybrid - compute) agents on machines. Possible values include: "On", "Off". - :type auto_provision: str or ~azure.mgmt.security.models.AutoProvision - :param resource_group_name: The name of the resource group where Arc (Hybrid Compute) - connectors are connected. - :type resource_group_name: str - :param region: The location where the metadata of machines will be stored. - :type region: str - :param proxy_server: For a non-Azure machine that is not connected directly to the internet, - specify a proxy server that the non-Azure machine can use. - :type proxy_server: ~azure.mgmt.security.models.ProxyServerProperties - :param service_principal: An object to access resources that are secured by an Azure AD tenant. - :type service_principal: ~azure.mgmt.security.models.ServicePrincipalProperties - """ - - _validation = { - 'hybrid_compute_provisioning_state': {'readonly': True}, - 'auto_provision': {'required': True}, - } - - _attribute_map = { - 'hybrid_compute_provisioning_state': {'key': 'hybridComputeProvisioningState', 'type': 'str'}, - 'auto_provision': {'key': 'autoProvision', 'type': 'str'}, - 'resource_group_name': {'key': 'resourceGroupName', 'type': 'str'}, - 'region': {'key': 'region', 'type': 'str'}, - 'proxy_server': {'key': 'proxyServer', 'type': 'ProxyServerProperties'}, - 'service_principal': {'key': 'servicePrincipal', 'type': 'ServicePrincipalProperties'}, - } - - def __init__( - self, - *, - auto_provision: Union[str, "AutoProvision"], - resource_group_name: Optional[str] = None, - region: Optional[str] = None, - proxy_server: Optional["ProxyServerProperties"] = None, - service_principal: Optional["ServicePrincipalProperties"] = None, - **kwargs - ): + :ivar authentication_provisioning_state: State of the multi-cloud connector. Possible values + include: "Valid", "Invalid", "Expired", "IncorrectPolicy". + :vartype authentication_provisioning_state: str or + ~azure.mgmt.security.models.AuthenticationProvisioningState + :ivar granted_permissions: The permissions detected in the cloud account. + :vartype granted_permissions: list[str or ~azure.mgmt.security.models.PermissionProperty] + :param authentication_type: Required. Connect to your cloud account, for AWS use either account + credentials or role-based authentication. For GCP use account organization credentials.Constant + filled by server. Possible values include: "awsCreds", "awsAssumeRole", "gcpCredentials". + :type authentication_type: str or ~azure.mgmt.security.models.AuthenticationType + :param organization_id: Required. The organization ID of the GCP cloud account. + :type organization_id: str + :param type: Required. Type field of the API key (write only). + :type type: str + :param project_id: Required. Project ID field of the API key (write only). + :type project_id: str + :param private_key_id: Required. Private key ID field of the API key (write only). + :type private_key_id: str + :param private_key: Required. Private key field of the API key (write only). + :type private_key: str + :param client_email: Required. Client email field of the API key (write only). + :type client_email: str + :param client_id: Required. Client ID field of the API key (write only). + :type client_id: str + :param auth_uri: Required. Auth URI field of the API key (write only). + :type auth_uri: str + :param token_uri: Required. Token URI field of the API key (write only). + :type token_uri: str + :param auth_provider_x509_cert_url: Required. Auth provider x509 certificate URL field of the + API key (write only). + :type auth_provider_x509_cert_url: str + :param client_x509_cert_url: Required. Client x509 certificate URL field of the API key (write + only). + :type client_x509_cert_url: str + """ + + _validation = { + 'authentication_provisioning_state': {'readonly': True}, + 'granted_permissions': {'readonly': True}, + 'authentication_type': {'required': True}, + 'organization_id': {'required': True}, + 'type': {'required': True}, + 'project_id': {'required': True}, + 'private_key_id': {'required': True}, + 'private_key': {'required': True}, + 'client_email': {'required': True}, + 'client_id': {'required': True}, + 'auth_uri': {'required': True}, + 'token_uri': {'required': True}, + 'auth_provider_x509_cert_url': {'required': True}, + 'client_x509_cert_url': {'required': True}, + } + + _attribute_map = { + 'authentication_provisioning_state': {'key': 'authenticationProvisioningState', 'type': 'str'}, + 'granted_permissions': {'key': 'grantedPermissions', 'type': '[str]'}, + 'authentication_type': {'key': 'authenticationType', 'type': 'str'}, + 'organization_id': {'key': 'organizationId', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'project_id': {'key': 'projectId', 'type': 'str'}, + 'private_key_id': {'key': 'privateKeyId', 'type': 'str'}, + 'private_key': {'key': 'privateKey', 'type': 'str'}, + 'client_email': {'key': 'clientEmail', 'type': 'str'}, + 'client_id': {'key': 'clientId', 'type': 'str'}, + 'auth_uri': {'key': 'authUri', 'type': 'str'}, + 'token_uri': {'key': 'tokenUri', 'type': 'str'}, + 'auth_provider_x509_cert_url': {'key': 'authProviderX509CertUrl', 'type': 'str'}, + 'client_x509_cert_url': {'key': 'clientX509CertUrl', 'type': 'str'}, + } + + def __init__( + self, + *, + organization_id: str, + type: str, + project_id: str, + private_key_id: str, + private_key: str, + client_email: str, + client_id: str, + auth_uri: str, + token_uri: str, + auth_provider_x509_cert_url: str, + client_x509_cert_url: str, + **kwargs + ): + super(GcpCredentialsDetailsProperties, self).__init__(**kwargs) + self.authentication_type = 'gcpCredentials' # type: str + self.organization_id = organization_id + self.type = type + self.project_id = project_id + self.private_key_id = private_key_id + self.private_key = private_key + self.client_email = client_email + self.client_id = client_id + self.auth_uri = auth_uri + self.token_uri = token_uri + self.auth_provider_x509_cert_url = auth_provider_x509_cert_url + self.client_x509_cert_url = client_x509_cert_url + + +class HttpC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of cloud to device messages (HTTP protocol) is not in allowed range. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta + """ + + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + + _attribute_map = { + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + } + + def __init__( + self, + *, + is_enabled: bool, + min_threshold: int, + max_threshold: int, + time_window_size: datetime.timedelta, + **kwargs + ): + super(HttpC2DMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'HttpC2DMessagesNotInAllowedRange' # type: str + + +class HttpC2DRejectedMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of rejected cloud to device messages (HTTP protocol) is not in allowed range. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta + """ + + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + + _attribute_map = { + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + } + + def __init__( + self, + *, + is_enabled: bool, + min_threshold: int, + max_threshold: int, + time_window_size: datetime.timedelta, + **kwargs + ): + super(HttpC2DRejectedMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'HttpC2DRejectedMessagesNotInAllowedRange' # type: str + + +class HttpD2CMessagesNotInAllowedRange(TimeWindowCustomAlertRule): + """Number of device to cloud messages (HTTP protocol) is not in allowed range. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_name: The display name of the custom alert. + :vartype display_name: str + :ivar description: The description of the custom alert. + :vartype description: str + :param is_enabled: Required. Status of the custom alert. + :type is_enabled: bool + :param rule_type: Required. The type of the custom alert rule.Constant filled by server. + :type rule_type: str + :param min_threshold: Required. The minimum threshold. + :type min_threshold: int + :param max_threshold: Required. The maximum threshold. + :type max_threshold: int + :param time_window_size: Required. The time window size in iso8601 format. + :type time_window_size: ~datetime.timedelta + """ + + _validation = { + 'display_name': {'readonly': True}, + 'description': {'readonly': True}, + 'is_enabled': {'required': True}, + 'rule_type': {'required': True}, + 'min_threshold': {'required': True}, + 'max_threshold': {'required': True}, + 'time_window_size': {'required': True}, + } + + _attribute_map = { + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'is_enabled': {'key': 'isEnabled', 'type': 'bool'}, + 'rule_type': {'key': 'ruleType', 'type': 'str'}, + 'min_threshold': {'key': 'minThreshold', 'type': 'int'}, + 'max_threshold': {'key': 'maxThreshold', 'type': 'int'}, + 'time_window_size': {'key': 'timeWindowSize', 'type': 'duration'}, + } + + def __init__( + self, + *, + is_enabled: bool, + min_threshold: int, + max_threshold: int, + time_window_size: datetime.timedelta, + **kwargs + ): + super(HttpD2CMessagesNotInAllowedRange, self).__init__(is_enabled=is_enabled, min_threshold=min_threshold, max_threshold=max_threshold, time_window_size=time_window_size, **kwargs) + self.rule_type = 'HttpD2CMessagesNotInAllowedRange' # type: str + + +class HybridComputeSettingsProperties(msrest.serialization.Model): + """Settings for hybrid compute management. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar hybrid_compute_provisioning_state: State of the service principal and its secret. + Possible values include: "Valid", "Invalid", "Expired". + :vartype hybrid_compute_provisioning_state: str or + ~azure.mgmt.security.models.HybridComputeProvisioningState + :param auto_provision: Required. Whether or not to automatically install Azure Arc (hybrid + compute) agents on machines. Possible values include: "On", "Off". + :type auto_provision: str or ~azure.mgmt.security.models.AutoProvision + :param resource_group_name: The name of the resource group where Arc (Hybrid Compute) + connectors are connected. + :type resource_group_name: str + :param region: The location where the metadata of machines will be stored. + :type region: str + :param proxy_server: For a non-Azure machine that is not connected directly to the internet, + specify a proxy server that the non-Azure machine can use. + :type proxy_server: ~azure.mgmt.security.models.ProxyServerProperties + :param service_principal: An object to access resources that are secured by an Azure AD tenant. + :type service_principal: ~azure.mgmt.security.models.ServicePrincipalProperties + """ + + _validation = { + 'hybrid_compute_provisioning_state': {'readonly': True}, + 'auto_provision': {'required': True}, + } + + _attribute_map = { + 'hybrid_compute_provisioning_state': {'key': 'hybridComputeProvisioningState', 'type': 'str'}, + 'auto_provision': {'key': 'autoProvision', 'type': 'str'}, + 'resource_group_name': {'key': 'resourceGroupName', 'type': 'str'}, + 'region': {'key': 'region', 'type': 'str'}, + 'proxy_server': {'key': 'proxyServer', 'type': 'ProxyServerProperties'}, + 'service_principal': {'key': 'servicePrincipal', 'type': 'ServicePrincipalProperties'}, + } + + def __init__( + self, + *, + auto_provision: Union[str, "AutoProvision"], + resource_group_name: Optional[str] = None, + region: Optional[str] = None, + proxy_server: Optional["ProxyServerProperties"] = None, + service_principal: Optional["ServicePrincipalProperties"] = None, + **kwargs + ): super(HybridComputeSettingsProperties, self).__init__(**kwargs) self.hybrid_compute_provisioning_state = None self.auto_provision = auto_provision @@ -6264,23 +6974,90 @@ class LogAnalyticsIdentifier(ResourceIdentifier): } _attribute_map = { - 'type': {'key': 'type', 'type': 'str'}, - 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, - 'workspace_subscription_id': {'key': 'workspaceSubscriptionId', 'type': 'str'}, - 'workspace_resource_group': {'key': 'workspaceResourceGroup', 'type': 'str'}, - 'agent_id': {'key': 'agentId', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'workspace_id': {'key': 'workspaceId', 'type': 'str'}, + 'workspace_subscription_id': {'key': 'workspaceSubscriptionId', 'type': 'str'}, + 'workspace_resource_group': {'key': 'workspaceResourceGroup', 'type': 'str'}, + 'agent_id': {'key': 'agentId', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(LogAnalyticsIdentifier, self).__init__(**kwargs) + self.type = 'LogAnalytics' # type: str + self.workspace_id = None + self.workspace_subscription_id = None + self.workspace_resource_group = None + self.agent_id = None + + +class MdeOnboardingData(Resource): + """The resource of the configuration or data needed to onboard the machine to MDE. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param onboarding_package_windows: The onboarding package used to onboard Windows machines to + MDE, coded in base64. This can also be used for onboarding using the dedicated VM Extension. + :type onboarding_package_windows: bytearray + :param onboarding_package_linux: The onboarding package used to onboard Linux machines to MDE, + coded in base64. This can also be used for onboarding using the dedicated VM Extension. + :type onboarding_package_linux: bytearray + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'onboarding_package_windows': {'key': 'properties.onboardingPackageWindows', 'type': 'bytearray'}, + 'onboarding_package_linux': {'key': 'properties.onboardingPackageLinux', 'type': 'bytearray'}, + } + + def __init__( + self, + *, + onboarding_package_windows: Optional[bytearray] = None, + onboarding_package_linux: Optional[bytearray] = None, + **kwargs + ): + super(MdeOnboardingData, self).__init__(**kwargs) + self.onboarding_package_windows = onboarding_package_windows + self.onboarding_package_linux = onboarding_package_linux + + +class MdeOnboardingDataList(msrest.serialization.Model): + """List of all MDE onboarding data resources. + + :param value: List of the resources of the configuration or data needed to onboard the machine + to MDE. + :type value: list[~azure.mgmt.security.models.MdeOnboardingData] + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': '[MdeOnboardingData]'}, } def __init__( self, + *, + value: Optional[List["MdeOnboardingData"]] = None, **kwargs ): - super(LogAnalyticsIdentifier, self).__init__(**kwargs) - self.type = 'LogAnalytics' # type: str - self.workspace_id = None - self.workspace_subscription_id = None - self.workspace_resource_group = None - self.agent_id = None + super(MdeOnboardingDataList, self).__init__(**kwargs) + self.value = value class MqttC2DMessagesNotInAllowedRange(TimeWindowCustomAlertRule): @@ -7479,23 +8256,282 @@ class Rule(msrest.serialization.Model): def __init__( self, *, - name: Optional[str] = None, - direction: Optional[Union[str, "Direction"]] = None, - destination_port: Optional[int] = None, - protocols: Optional[List[Union[str, "TransportProtocol"]]] = None, - ip_addresses: Optional[List[str]] = None, + name: Optional[str] = None, + direction: Optional[Union[str, "Direction"]] = None, + destination_port: Optional[int] = None, + protocols: Optional[List[Union[str, "TransportProtocol"]]] = None, + ip_addresses: Optional[List[str]] = None, + **kwargs + ): + super(Rule, self).__init__(**kwargs) + self.name = name + self.direction = direction + self.destination_port = destination_port + self.protocols = protocols + self.ip_addresses = ip_addresses + + +class RuleResults(Resource): + """Rule results. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param properties: Rule results properties. + :type properties: ~azure.mgmt.security.models.RuleResultsProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'properties': {'key': 'properties', 'type': 'RuleResultsProperties'}, + } + + def __init__( + self, + *, + properties: Optional["RuleResultsProperties"] = None, + **kwargs + ): + super(RuleResults, self).__init__(**kwargs) + self.properties = properties + + +class RuleResultsInput(msrest.serialization.Model): + """Rule results input. + + :param latest_scan: Take results from latest scan. + :type latest_scan: bool + :param results: Expected results to be inserted into the baseline. + Leave this field empty it LatestScan == true. + :type results: list[list[str]] + """ + + _attribute_map = { + 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, + 'results': {'key': 'results', 'type': '[[str]]'}, + } + + def __init__( + self, + *, + latest_scan: Optional[bool] = None, + results: Optional[List[List[str]]] = None, + **kwargs + ): + super(RuleResultsInput, self).__init__(**kwargs) + self.latest_scan = latest_scan + self.results = results + + +class RuleResultsProperties(msrest.serialization.Model): + """Rule results properties. + + :param results: Expected results in the baseline. + :type results: list[list[str]] + """ + + _attribute_map = { + 'results': {'key': 'results', 'type': '[[str]]'}, + } + + def __init__( + self, + *, + results: Optional[List[List[str]]] = None, + **kwargs + ): + super(RuleResultsProperties, self).__init__(**kwargs) + self.results = results + + +class RulesResults(msrest.serialization.Model): + """A list of rules results. + + :param value: List of rule results. + :type value: list[~azure.mgmt.security.models.RuleResults] + """ + + _attribute_map = { + 'value': {'key': 'value', 'type': '[RuleResults]'}, + } + + def __init__( + self, + *, + value: Optional[List["RuleResults"]] = None, + **kwargs + ): + super(RulesResults, self).__init__(**kwargs) + self.value = value + + +class RulesResultsInput(msrest.serialization.Model): + """Rules results input. + + :param latest_scan: Take results from latest scan. + :type latest_scan: bool + :param results: Expected results to be inserted into the baseline. + Leave this field empty it LatestScan == true. + :type results: dict[str, list[list[str]]] + """ + + _attribute_map = { + 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, + 'results': {'key': 'results', 'type': '{[[str]]}'}, + } + + def __init__( + self, + *, + latest_scan: Optional[bool] = None, + results: Optional[Dict[str, List[List[str]]]] = None, + **kwargs + ): + super(RulesResultsInput, self).__init__(**kwargs) + self.latest_scan = latest_scan + self.results = results + + +class Scan(Resource): + """A vulnerability assessment scan record. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param properties: A vulnerability assessment scan record properties. + :type properties: ~azure.mgmt.security.models.ScanProperties + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'properties': {'key': 'properties', 'type': 'ScanProperties'}, + } + + def __init__( + self, + *, + properties: Optional["ScanProperties"] = None, + **kwargs + ): + super(Scan, self).__init__(**kwargs) + self.properties = properties + + +class ScanProperties(msrest.serialization.Model): + """A vulnerability assessment scan record properties. + + :param trigger_type: The scan trigger type. Possible values include: "OnDemand", "Recurring". + :type trigger_type: str or ~azure.mgmt.security.models.ScanTriggerType + :param state: The scan status. Possible values include: "Failed", "FailedToRun", "InProgress", + "Passed". + :type state: str or ~azure.mgmt.security.models.ScanState + :param server: The server name. + :type server: str + :param database: The database name. + :type database: str + :param sql_version: The SQL version. + :type sql_version: str + :param start_time: The scan start time (UTC). + :type start_time: ~datetime.datetime + :param end_time: Scan results are valid until end time (UTC). + :type end_time: ~datetime.datetime + :param high_severity_failed_rules_count: The number of failed rules with high severity. + :type high_severity_failed_rules_count: int + :param medium_severity_failed_rules_count: The number of failed rules with medium severity. + :type medium_severity_failed_rules_count: int + :param low_severity_failed_rules_count: The number of failed rules with low severity. + :type low_severity_failed_rules_count: int + :param total_passed_rules_count: The number of total passed rules. + :type total_passed_rules_count: int + :param total_failed_rules_count: The number of total failed rules. + :type total_failed_rules_count: int + :param total_rules_count: The number of total rules assessed. + :type total_rules_count: int + :param is_baseline_applied: Baseline created for this database, and has one or more rules. + :type is_baseline_applied: bool + """ + + _attribute_map = { + 'trigger_type': {'key': 'triggerType', 'type': 'str'}, + 'state': {'key': 'state', 'type': 'str'}, + 'server': {'key': 'server', 'type': 'str'}, + 'database': {'key': 'database', 'type': 'str'}, + 'sql_version': {'key': 'sqlVersion', 'type': 'str'}, + 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, + 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, + 'high_severity_failed_rules_count': {'key': 'highSeverityFailedRulesCount', 'type': 'int'}, + 'medium_severity_failed_rules_count': {'key': 'mediumSeverityFailedRulesCount', 'type': 'int'}, + 'low_severity_failed_rules_count': {'key': 'lowSeverityFailedRulesCount', 'type': 'int'}, + 'total_passed_rules_count': {'key': 'totalPassedRulesCount', 'type': 'int'}, + 'total_failed_rules_count': {'key': 'totalFailedRulesCount', 'type': 'int'}, + 'total_rules_count': {'key': 'totalRulesCount', 'type': 'int'}, + 'is_baseline_applied': {'key': 'isBaselineApplied', 'type': 'bool'}, + } + + def __init__( + self, + *, + trigger_type: Optional[Union[str, "ScanTriggerType"]] = None, + state: Optional[Union[str, "ScanState"]] = None, + server: Optional[str] = None, + database: Optional[str] = None, + sql_version: Optional[str] = None, + start_time: Optional[datetime.datetime] = None, + end_time: Optional[datetime.datetime] = None, + high_severity_failed_rules_count: Optional[int] = None, + medium_severity_failed_rules_count: Optional[int] = None, + low_severity_failed_rules_count: Optional[int] = None, + total_passed_rules_count: Optional[int] = None, + total_failed_rules_count: Optional[int] = None, + total_rules_count: Optional[int] = None, + is_baseline_applied: Optional[bool] = None, **kwargs ): - super(Rule, self).__init__(**kwargs) - self.name = name - self.direction = direction - self.destination_port = destination_port - self.protocols = protocols - self.ip_addresses = ip_addresses + super(ScanProperties, self).__init__(**kwargs) + self.trigger_type = trigger_type + self.state = state + self.server = server + self.database = database + self.sql_version = sql_version + self.start_time = start_time + self.end_time = end_time + self.high_severity_failed_rules_count = high_severity_failed_rules_count + self.medium_severity_failed_rules_count = medium_severity_failed_rules_count + self.low_severity_failed_rules_count = low_severity_failed_rules_count + self.total_passed_rules_count = total_passed_rules_count + self.total_failed_rules_count = total_failed_rules_count + self.total_rules_count = total_rules_count + self.is_baseline_applied = is_baseline_applied -class RuleResults(Resource): - """Rule results. +class ScanResult(Resource): + """A vulnerability assessment scan result for a single rule. Variables are only populated by the server, and will be ignored when sending a request. @@ -7505,8 +8541,8 @@ class RuleResults(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param properties: Rule results properties. - :type properties: ~azure.mgmt.security.models.RuleResultsProperties + :param properties: A vulnerability assessment scan result properties for a single rule. + :type properties: ~azure.mgmt.security.models.ScanResultProperties """ _validation = { @@ -7519,117 +8555,142 @@ class RuleResults(Resource): 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'RuleResultsProperties'}, + 'properties': {'key': 'properties', 'type': 'ScanResultProperties'}, } def __init__( self, *, - properties: Optional["RuleResultsProperties"] = None, + properties: Optional["ScanResultProperties"] = None, **kwargs ): - super(RuleResults, self).__init__(**kwargs) + super(ScanResult, self).__init__(**kwargs) self.properties = properties -class RuleResultsInput(msrest.serialization.Model): - """Rule results input. +class ScanResultProperties(msrest.serialization.Model): + """A vulnerability assessment scan result properties for a single rule. - :param latest_scan: Take results from latest scan. - :type latest_scan: bool - :param results: Expected results to be inserted into the baseline. - Leave this field empty it LatestScan == true. - :type results: list[list[str]] + :param rule_id: The rule Id. + :type rule_id: str + :param status: The rule result status. Possible values include: "NonFinding", "Finding", + "InternalError". + :type status: str or ~azure.mgmt.security.models.RuleStatus + :param is_trimmed: Indicated whether the results specified here are trimmed. + :type is_trimmed: bool + :param query_results: The results of the query that was run. + :type query_results: list[list[str]] + :param remediation: Remediation details. + :type remediation: ~azure.mgmt.security.models.Remediation + :param baseline_adjusted_result: The rule result adjusted with baseline. + :type baseline_adjusted_result: ~azure.mgmt.security.models.BaselineAdjustedResult + :param rule_metadata: vulnerability assessment rule metadata details. + :type rule_metadata: ~azure.mgmt.security.models.VaRule """ _attribute_map = { - 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, - 'results': {'key': 'results', 'type': '[[str]]'}, + 'rule_id': {'key': 'ruleId', 'type': 'str'}, + 'status': {'key': 'status', 'type': 'str'}, + 'is_trimmed': {'key': 'isTrimmed', 'type': 'bool'}, + 'query_results': {'key': 'queryResults', 'type': '[[str]]'}, + 'remediation': {'key': 'remediation', 'type': 'Remediation'}, + 'baseline_adjusted_result': {'key': 'baselineAdjustedResult', 'type': 'BaselineAdjustedResult'}, + 'rule_metadata': {'key': 'ruleMetadata', 'type': 'VaRule'}, } def __init__( self, *, - latest_scan: Optional[bool] = None, - results: Optional[List[List[str]]] = None, + rule_id: Optional[str] = None, + status: Optional[Union[str, "RuleStatus"]] = None, + is_trimmed: Optional[bool] = None, + query_results: Optional[List[List[str]]] = None, + remediation: Optional["Remediation"] = None, + baseline_adjusted_result: Optional["BaselineAdjustedResult"] = None, + rule_metadata: Optional["VaRule"] = None, **kwargs ): - super(RuleResultsInput, self).__init__(**kwargs) - self.latest_scan = latest_scan - self.results = results + super(ScanResultProperties, self).__init__(**kwargs) + self.rule_id = rule_id + self.status = status + self.is_trimmed = is_trimmed + self.query_results = query_results + self.remediation = remediation + self.baseline_adjusted_result = baseline_adjusted_result + self.rule_metadata = rule_metadata -class RuleResultsProperties(msrest.serialization.Model): - """Rule results properties. +class ScanResults(msrest.serialization.Model): + """A list of vulnerability assessment scan results. - :param results: Expected results in the baseline. - :type results: list[list[str]] + :param value: List of vulnerability assessment scan results. + :type value: list[~azure.mgmt.security.models.ScanResult] """ _attribute_map = { - 'results': {'key': 'results', 'type': '[[str]]'}, + 'value': {'key': 'value', 'type': '[ScanResult]'}, } def __init__( self, *, - results: Optional[List[List[str]]] = None, + value: Optional[List["ScanResult"]] = None, **kwargs ): - super(RuleResultsProperties, self).__init__(**kwargs) - self.results = results + super(ScanResults, self).__init__(**kwargs) + self.value = value -class RulesResults(msrest.serialization.Model): - """A list of rules results. +class Scans(msrest.serialization.Model): + """A list of vulnerability assessment scan records. - :param value: List of rule results. - :type value: list[~azure.mgmt.security.models.RuleResults] + :param value: List of vulnerability assessment scan records. + :type value: list[~azure.mgmt.security.models.Scan] """ _attribute_map = { - 'value': {'key': 'value', 'type': '[RuleResults]'}, + 'value': {'key': 'value', 'type': '[Scan]'}, } def __init__( self, *, - value: Optional[List["RuleResults"]] = None, + value: Optional[List["Scan"]] = None, **kwargs ): - super(RulesResults, self).__init__(**kwargs) + super(Scans, self).__init__(**kwargs) self.value = value -class RulesResultsInput(msrest.serialization.Model): - """Rules results input. +class ScopeElement(msrest.serialization.Model): + """A more specific scope used to identify the alerts to suppress. - :param latest_scan: Take results from latest scan. - :type latest_scan: bool - :param results: Expected results to be inserted into the baseline. - Leave this field empty it LatestScan == true. - :type results: dict[str, list[list[str]]] + :param additional_properties: Unmatched properties from the message are deserialized to this + collection. + :type additional_properties: dict[str, any] + :param field: The alert entity type to suppress by. + :type field: str """ _attribute_map = { - 'latest_scan': {'key': 'latestScan', 'type': 'bool'}, - 'results': {'key': 'results', 'type': '{[[str]]}'}, + 'additional_properties': {'key': '', 'type': '{object}'}, + 'field': {'key': 'field', 'type': 'str'}, } def __init__( self, *, - latest_scan: Optional[bool] = None, - results: Optional[Dict[str, List[List[str]]]] = None, + additional_properties: Optional[Dict[str, Any]] = None, + field: Optional[str] = None, **kwargs ): - super(RulesResultsInput, self).__init__(**kwargs) - self.latest_scan = latest_scan - self.results = results + super(ScopeElement, self).__init__(**kwargs) + self.additional_properties = additional_properties + self.field = field -class Scan(Resource): - """A vulnerability assessment scan record. +class SecureScoreControlDefinitionItem(Resource): + """Information about the security control. Variables are only populated by the server, and will be ignored when sending a request. @@ -7639,122 +8700,107 @@ class Scan(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param properties: A vulnerability assessment scan record properties. - :type properties: ~azure.mgmt.security.models.ScanProperties + :ivar display_name: User friendly display name of the control. + :vartype display_name: str + :ivar description: User friendly description of the control. + :vartype description: str + :ivar max_score: Maximum control score (0..10). + :vartype max_score: int + :ivar source: Source object from which the control was created. + :vartype source: ~azure.mgmt.security.models.SecureScoreControlDefinitionSource + :ivar assessment_definitions: Array of assessments metadata IDs that are included in this + security control. + :vartype assessment_definitions: list[~azure.mgmt.security.models.AzureResourceLink] """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'description': {'readonly': True, 'max_length': 256, 'min_length': 0}, + 'max_score': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'source': {'readonly': True}, + 'assessment_definitions': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'ScanProperties'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'max_score': {'key': 'properties.maxScore', 'type': 'int'}, + 'source': {'key': 'properties.source', 'type': 'SecureScoreControlDefinitionSource'}, + 'assessment_definitions': {'key': 'properties.assessmentDefinitions', 'type': '[AzureResourceLink]'}, } def __init__( self, - *, - properties: Optional["ScanProperties"] = None, **kwargs ): - super(Scan, self).__init__(**kwargs) - self.properties = properties + super(SecureScoreControlDefinitionItem, self).__init__(**kwargs) + self.display_name = None + self.description = None + self.max_score = None + self.source = None + self.assessment_definitions = None -class ScanProperties(msrest.serialization.Model): - """A vulnerability assessment scan record properties. +class SecureScoreControlDefinitionList(msrest.serialization.Model): + """List of security controls definition. - :param trigger_type: The scan trigger type. Possible values include: "OnDemand", "Recurring". - :type trigger_type: str or ~azure.mgmt.security.models.ScanTriggerType - :param state: The scan status. Possible values include: "Failed", "FailedToRun", "InProgress", - "Passed". - :type state: str or ~azure.mgmt.security.models.ScanState - :param server: The server name. - :type server: str - :param database: The database name. - :type database: str - :param sql_version: The SQL version. - :type sql_version: str - :param start_time: The scan start time (UTC). - :type start_time: ~datetime.datetime - :param end_time: Scan results are valid until end time (UTC). - :type end_time: ~datetime.datetime - :param high_severity_failed_rules_count: The number of failed rules with high severity. - :type high_severity_failed_rules_count: int - :param medium_severity_failed_rules_count: The number of failed rules with medium severity. - :type medium_severity_failed_rules_count: int - :param low_severity_failed_rules_count: The number of failed rules with low severity. - :type low_severity_failed_rules_count: int - :param total_passed_rules_count: The number of total passed rules. - :type total_passed_rules_count: int - :param total_failed_rules_count: The number of total failed rules. - :type total_failed_rules_count: int - :param total_rules_count: The number of total rules assessed. - :type total_rules_count: int - :param is_baseline_applied: Baseline created for this database, and has one or more rules. - :type is_baseline_applied: bool + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of security controls definition in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDefinitionItem] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str + """ + + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + + _attribute_map = { + 'value': {'key': 'value', 'type': '[SecureScoreControlDefinitionItem]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, + } + + def __init__( + self, + **kwargs + ): + super(SecureScoreControlDefinitionList, self).__init__(**kwargs) + self.value = None + self.next_link = None + + +class SecureScoreControlDefinitionSource(msrest.serialization.Model): + """The type of the security control (For example, BuiltIn). + + :param source_type: The type of security control (for example, BuiltIn). Possible values + include: "BuiltIn", "Custom". + :type source_type: str or ~azure.mgmt.security.models.ControlType """ _attribute_map = { - 'trigger_type': {'key': 'triggerType', 'type': 'str'}, - 'state': {'key': 'state', 'type': 'str'}, - 'server': {'key': 'server', 'type': 'str'}, - 'database': {'key': 'database', 'type': 'str'}, - 'sql_version': {'key': 'sqlVersion', 'type': 'str'}, - 'start_time': {'key': 'startTime', 'type': 'iso-8601'}, - 'end_time': {'key': 'endTime', 'type': 'iso-8601'}, - 'high_severity_failed_rules_count': {'key': 'highSeverityFailedRulesCount', 'type': 'int'}, - 'medium_severity_failed_rules_count': {'key': 'mediumSeverityFailedRulesCount', 'type': 'int'}, - 'low_severity_failed_rules_count': {'key': 'lowSeverityFailedRulesCount', 'type': 'int'}, - 'total_passed_rules_count': {'key': 'totalPassedRulesCount', 'type': 'int'}, - 'total_failed_rules_count': {'key': 'totalFailedRulesCount', 'type': 'int'}, - 'total_rules_count': {'key': 'totalRulesCount', 'type': 'int'}, - 'is_baseline_applied': {'key': 'isBaselineApplied', 'type': 'bool'}, + 'source_type': {'key': 'sourceType', 'type': 'str'}, } def __init__( self, *, - trigger_type: Optional[Union[str, "ScanTriggerType"]] = None, - state: Optional[Union[str, "ScanState"]] = None, - server: Optional[str] = None, - database: Optional[str] = None, - sql_version: Optional[str] = None, - start_time: Optional[datetime.datetime] = None, - end_time: Optional[datetime.datetime] = None, - high_severity_failed_rules_count: Optional[int] = None, - medium_severity_failed_rules_count: Optional[int] = None, - low_severity_failed_rules_count: Optional[int] = None, - total_passed_rules_count: Optional[int] = None, - total_failed_rules_count: Optional[int] = None, - total_rules_count: Optional[int] = None, - is_baseline_applied: Optional[bool] = None, + source_type: Optional[Union[str, "ControlType"]] = None, **kwargs ): - super(ScanProperties, self).__init__(**kwargs) - self.trigger_type = trigger_type - self.state = state - self.server = server - self.database = database - self.sql_version = sql_version - self.start_time = start_time - self.end_time = end_time - self.high_severity_failed_rules_count = high_severity_failed_rules_count - self.medium_severity_failed_rules_count = medium_severity_failed_rules_count - self.low_severity_failed_rules_count = low_severity_failed_rules_count - self.total_passed_rules_count = total_passed_rules_count - self.total_failed_rules_count = total_failed_rules_count - self.total_rules_count = total_rules_count - self.is_baseline_applied = is_baseline_applied + super(SecureScoreControlDefinitionSource, self).__init__(**kwargs) + self.source_type = source_type -class ScanResult(Resource): - """A vulnerability assessment scan result for a single rule. +class SecureScoreControlDetails(Resource): + """Details of the security control, its score, and the health status of the relevant resources. Variables are only populated by the server, and will be ignored when sending a request. @@ -7764,156 +8810,233 @@ class ScanResult(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :param properties: A vulnerability assessment scan result properties for a single rule. - :type properties: ~azure.mgmt.security.models.ScanResultProperties + :ivar display_name: User friendly display name of the control. + :vartype display_name: str + :ivar healthy_resource_count: Number of healthy resources in the control. + :vartype healthy_resource_count: int + :ivar unhealthy_resource_count: Number of unhealthy resources in the control. + :vartype unhealthy_resource_count: int + :ivar not_applicable_resource_count: Number of not applicable resources in the control. + :vartype not_applicable_resource_count: int + :ivar weight: The relative weight for this specific control in each of your subscriptions. Used + when calculating an aggregated score for this control across all of your subscriptions. + :vartype weight: long + :param definition: Information about the security control. + :type definition: ~azure.mgmt.security.models.SecureScoreControlDefinitionItem + :ivar max: Maximum score available. + :vartype max: int + :ivar current: Current score. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'healthy_resource_count': {'readonly': True}, + 'unhealthy_resource_count': {'readonly': True}, + 'not_applicable_resource_count': {'readonly': True}, + 'weight': {'readonly': True, 'minimum': 0}, + 'max': {'readonly': True, 'minimum': 0}, + 'current': {'readonly': True, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, - 'properties': {'key': 'properties', 'type': 'ScanResultProperties'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'healthy_resource_count': {'key': 'properties.healthyResourceCount', 'type': 'int'}, + 'unhealthy_resource_count': {'key': 'properties.unhealthyResourceCount', 'type': 'int'}, + 'not_applicable_resource_count': {'key': 'properties.notApplicableResourceCount', 'type': 'int'}, + 'weight': {'key': 'properties.weight', 'type': 'long'}, + 'definition': {'key': 'properties.definition', 'type': 'SecureScoreControlDefinitionItem'}, + 'max': {'key': 'properties.score.max', 'type': 'int'}, + 'current': {'key': 'properties.score.current', 'type': 'float'}, + 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, } def __init__( self, *, - properties: Optional["ScanResultProperties"] = None, + definition: Optional["SecureScoreControlDefinitionItem"] = None, **kwargs ): - super(ScanResult, self).__init__(**kwargs) - self.properties = properties + super(SecureScoreControlDetails, self).__init__(**kwargs) + self.display_name = None + self.healthy_resource_count = None + self.unhealthy_resource_count = None + self.not_applicable_resource_count = None + self.weight = None + self.definition = definition + self.max = None + self.current = None + self.percentage = None -class ScanResultProperties(msrest.serialization.Model): - """A vulnerability assessment scan result properties for a single rule. +class SecureScoreControlList(msrest.serialization.Model): + """List of security controls. - :param rule_id: The rule Id. - :type rule_id: str - :param status: The rule result status. Possible values include: "NonFinding", "Finding", - "InternalError". - :type status: str or ~azure.mgmt.security.models.RuleStatus - :param is_trimmed: Indicated whether the results specified here are trimmed. - :type is_trimmed: bool - :param query_results: The results of the query that was run. - :type query_results: list[list[str]] - :param remediation: Remediation details. - :type remediation: ~azure.mgmt.security.models.Remediation - :param baseline_adjusted_result: The rule result adjusted with baseline. - :type baseline_adjusted_result: ~azure.mgmt.security.models.BaselineAdjustedResult - :param rule_metadata: vulnerability assessment rule metadata details. - :type rule_metadata: ~azure.mgmt.security.models.VaRule + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of security controls in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDetails] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + _attribute_map = { - 'rule_id': {'key': 'ruleId', 'type': 'str'}, - 'status': {'key': 'status', 'type': 'str'}, - 'is_trimmed': {'key': 'isTrimmed', 'type': 'bool'}, - 'query_results': {'key': 'queryResults', 'type': '[[str]]'}, - 'remediation': {'key': 'remediation', 'type': 'Remediation'}, - 'baseline_adjusted_result': {'key': 'baselineAdjustedResult', 'type': 'BaselineAdjustedResult'}, - 'rule_metadata': {'key': 'ruleMetadata', 'type': 'VaRule'}, + 'value': {'key': 'value', 'type': '[SecureScoreControlDetails]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, - *, - rule_id: Optional[str] = None, - status: Optional[Union[str, "RuleStatus"]] = None, - is_trimmed: Optional[bool] = None, - query_results: Optional[List[List[str]]] = None, - remediation: Optional["Remediation"] = None, - baseline_adjusted_result: Optional["BaselineAdjustedResult"] = None, - rule_metadata: Optional["VaRule"] = None, **kwargs ): - super(ScanResultProperties, self).__init__(**kwargs) - self.rule_id = rule_id - self.status = status - self.is_trimmed = is_trimmed - self.query_results = query_results - self.remediation = remediation - self.baseline_adjusted_result = baseline_adjusted_result - self.rule_metadata = rule_metadata + super(SecureScoreControlList, self).__init__(**kwargs) + self.value = None + self.next_link = None -class ScanResults(msrest.serialization.Model): - """A list of vulnerability assessment scan results. +class SecureScoreControlScore(msrest.serialization.Model): + """Calculation result data. - :param value: List of vulnerability assessment scan results. - :type value: list[~azure.mgmt.security.models.ScanResult] + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar max: Maximum control score (0..10). + :vartype max: int + :ivar current: Actual score for the control = (achieved points / total points) * max score. if + total points is zeroed, the return number is 0.00. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float """ + _validation = { + 'max': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'current': {'readonly': True, 'maximum': 10, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + } + _attribute_map = { - 'value': {'key': 'value', 'type': '[ScanResult]'}, + 'max': {'key': 'max', 'type': 'int'}, + 'current': {'key': 'current', 'type': 'float'}, + 'percentage': {'key': 'percentage', 'type': 'float'}, } def __init__( self, - *, - value: Optional[List["ScanResult"]] = None, **kwargs ): - super(ScanResults, self).__init__(**kwargs) - self.value = value + super(SecureScoreControlScore, self).__init__(**kwargs) + self.max = None + self.current = None + self.percentage = None -class Scans(msrest.serialization.Model): - """A list of vulnerability assessment scan records. +class SecureScoreItem(Resource): + """Secure score item data model. - :param value: List of vulnerability assessment scan records. - :type value: list[~azure.mgmt.security.models.Scan] + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar display_name: The initiative’s name. + :vartype display_name: str + :ivar weight: The relative weight for each subscription. Used when calculating an aggregated + secure score for multiple subscriptions. + :vartype weight: long + :ivar max: Maximum score available. + :vartype max: int + :ivar current: Current score. + :vartype current: float + :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after + the decimal point. + :vartype percentage: float """ + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'weight': {'readonly': True, 'minimum': 0}, + 'max': {'readonly': True, 'minimum': 0}, + 'current': {'readonly': True, 'minimum': 0}, + 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + } + _attribute_map = { - 'value': {'key': 'value', 'type': '[Scan]'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'weight': {'key': 'properties.weight', 'type': 'long'}, + 'max': {'key': 'properties.score.max', 'type': 'int'}, + 'current': {'key': 'properties.score.current', 'type': 'float'}, + 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, } def __init__( self, - *, - value: Optional[List["Scan"]] = None, **kwargs ): - super(Scans, self).__init__(**kwargs) - self.value = value + super(SecureScoreItem, self).__init__(**kwargs) + self.display_name = None + self.weight = None + self.max = None + self.current = None + self.percentage = None -class ScopeElement(msrest.serialization.Model): - """A more specific scope used to identify the alerts to suppress. +class SecureScoresList(msrest.serialization.Model): + """List of secure scores. - :param additional_properties: Unmatched properties from the message are deserialized to this - collection. - :type additional_properties: dict[str, any] - :param field: The alert entity type to suppress by. - :type field: str + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar value: Collection of secure scores in this page. + :vartype value: list[~azure.mgmt.security.models.SecureScoreItem] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ + _validation = { + 'value': {'readonly': True}, + 'next_link': {'readonly': True}, + } + _attribute_map = { - 'additional_properties': {'key': '', 'type': '{object}'}, - 'field': {'key': 'field', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[SecureScoreItem]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, - *, - additional_properties: Optional[Dict[str, Any]] = None, - field: Optional[str] = None, **kwargs ): - super(ScopeElement, self).__init__(**kwargs) - self.additional_properties = additional_properties - self.field = field + super(SecureScoresList, self).__init__(**kwargs) + self.value = None + self.next_link = None -class SecureScoreControlDefinitionItem(Resource): - """Information about the security control. +class SecurityAssessment(Resource): + """Security assessment on a resource. Variables are only populated by the server, and will be ignored when sending a request. @@ -7923,17 +9046,20 @@ class SecureScoreControlDefinitionItem(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :ivar display_name: User friendly display name of the control. + :param resource_details: Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. :vartype display_name: str - :ivar description: User friendly description of the control. - :vartype description: str - :ivar max_score: Maximum control score (0..10). - :vartype max_score: int - :ivar source: Source object from which the control was created. - :vartype source: ~azure.mgmt.security.models.SecureScoreControlDefinitionSource - :ivar assessment_definitions: Array of assessments metadata IDs that are included in this - security control. - :vartype assessment_definitions: list[~azure.mgmt.security.models.AzureResourceLink] + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatus """ _validation = { @@ -7941,42 +9067,49 @@ class SecureScoreControlDefinitionItem(Resource): 'name': {'readonly': True}, 'type': {'readonly': True}, 'display_name': {'readonly': True}, - 'description': {'readonly': True, 'max_length': 256, 'min_length': 0}, - 'max_score': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'source': {'readonly': True}, - 'assessment_definitions': {'readonly': True}, + 'links': {'readonly': True}, } _attribute_map = { 'id': {'key': 'id', 'type': 'str'}, 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'max_score': {'key': 'properties.maxScore', 'type': 'int'}, - 'source': {'key': 'properties.source', 'type': 'SecureScoreControlDefinitionSource'}, - 'assessment_definitions': {'key': 'properties.assessmentDefinitions', 'type': '[AzureResourceLink]'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, } def __init__( self, + *, + resource_details: Optional["ResourceDetails"] = None, + additional_data: Optional[Dict[str, str]] = None, + metadata: Optional["SecurityAssessmentMetadataProperties"] = None, + partners_data: Optional["SecurityAssessmentPartnerData"] = None, + status: Optional["AssessmentStatus"] = None, **kwargs ): - super(SecureScoreControlDefinitionItem, self).__init__(**kwargs) + super(SecurityAssessment, self).__init__(**kwargs) + self.resource_details = resource_details self.display_name = None - self.description = None - self.max_score = None - self.source = None - self.assessment_definitions = None + self.additional_data = additional_data + self.links = None + self.metadata = metadata + self.partners_data = partners_data + self.status = status -class SecureScoreControlDefinitionList(msrest.serialization.Model): - """List of security controls definition. +class SecurityAssessmentList(msrest.serialization.Model): + """Page of a security assessments list. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of security controls definition in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDefinitionItem] + :ivar value: Collection of security assessments in this page. + :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentResponse] :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ @@ -7987,7 +9120,7 @@ class SecureScoreControlDefinitionList(msrest.serialization.Model): } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreControlDefinitionItem]'}, + 'value': {'key': 'value', 'type': '[SecurityAssessmentResponse]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -7995,182 +9128,381 @@ def __init__( self, **kwargs ): - super(SecureScoreControlDefinitionList, self).__init__(**kwargs) + super(SecurityAssessmentList, self).__init__(**kwargs) self.value = None self.next_link = None -class SecureScoreControlDefinitionSource(msrest.serialization.Model): - """The type of the security control (For example, BuiltIn). +class SecurityAssessmentMetadata(Resource): + """Security assessment metadata. - :param source_type: The type of security control (for example, BuiltIn). Possible values - include: "BuiltIn", "Custom". - :type source_type: str or ~azure.mgmt.security.models.ControlType + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param display_name: User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: The severity level of the assessment. Possible values include: "Low", + "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, + Custom if the assessment based on custom Azure Policy definition. Possible values include: + "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData """ + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'policy_definition_id': {'readonly': True}, + } + _attribute_map = { - 'source_type': {'key': 'sourceType', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'categories': {'key': 'properties.categories', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'threats': {'key': 'properties.threats', 'type': '[str]'}, + 'preview': {'key': 'properties.preview', 'type': 'bool'}, + 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, } def __init__( self, *, - source_type: Optional[Union[str, "ControlType"]] = None, + display_name: Optional[str] = None, + description: Optional[str] = None, + remediation_description: Optional[str] = None, + categories: Optional[List[Union[str, "Categories"]]] = None, + severity: Optional[Union[str, "Severity"]] = None, + user_impact: Optional[Union[str, "UserImpact"]] = None, + implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, + threats: Optional[List[Union[str, "Threats"]]] = None, + preview: Optional[bool] = None, + assessment_type: Optional[Union[str, "AssessmentType"]] = None, + partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, **kwargs ): - super(SecureScoreControlDefinitionSource, self).__init__(**kwargs) - self.source_type = source_type + super(SecurityAssessmentMetadata, self).__init__(**kwargs) + self.display_name = display_name + self.policy_definition_id = None + self.description = description + self.remediation_description = remediation_description + self.categories = categories + self.severity = severity + self.user_impact = user_impact + self.implementation_effort = implementation_effort + self.threats = threats + self.preview = preview + self.assessment_type = assessment_type + self.partner_data = partner_data + + +class SecurityAssessmentMetadataPartnerData(msrest.serialization.Model): + """Describes the partner that created the assessment. + + All required parameters must be populated in order to send to Azure. + + :param partner_name: Required. Name of the company of the partner. + :type partner_name: str + :param product_name: Name of the product of the partner that created the assessment. + :type product_name: str + :param secret: Required. Secret to authenticate the partner and verify it created the + assessment - write only. + :type secret: str + """ + + _validation = { + 'partner_name': {'required': True}, + 'secret': {'required': True}, + } + + _attribute_map = { + 'partner_name': {'key': 'partnerName', 'type': 'str'}, + 'product_name': {'key': 'productName', 'type': 'str'}, + 'secret': {'key': 'secret', 'type': 'str'}, + } + + def __init__( + self, + *, + partner_name: str, + secret: str, + product_name: Optional[str] = None, + **kwargs + ): + super(SecurityAssessmentMetadataPartnerData, self).__init__(**kwargs) + self.partner_name = partner_name + self.product_name = product_name + self.secret = secret -class SecureScoreControlDetails(Resource): - """Details of the security control, its score, and the health status of the relevant resources. +class SecurityAssessmentMetadataProperties(msrest.serialization.Model): + """Describes properties of an assessment metadata. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :ivar display_name: User friendly display name of the control. - :vartype display_name: str - :ivar healthy_resource_count: Number of healthy resources in the control. - :vartype healthy_resource_count: int - :ivar unhealthy_resource_count: Number of unhealthy resources in the control. - :vartype unhealthy_resource_count: int - :ivar not_applicable_resource_count: Number of not applicable resources in the control. - :vartype not_applicable_resource_count: int - :ivar weight: The relative weight for this specific control in each of your subscriptions. Used - when calculating an aggregated score for this control across all of your subscriptions. - :vartype weight: long - :param definition: Information about the security control. - :type definition: ~azure.mgmt.security.models.SecureScoreControlDefinitionItem - :ivar max: Maximum score available. - :vartype max: int - :ivar current: Current score. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + All required parameters must be populated in order to send to Azure. + + :param display_name: Required. User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: Required. The severity level of the assessment. Possible values include: + "Low", "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy + definition, Custom if the assessment based on custom Azure Policy definition. Possible values + include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'display_name': {'readonly': True}, - 'healthy_resource_count': {'readonly': True}, - 'unhealthy_resource_count': {'readonly': True}, - 'not_applicable_resource_count': {'readonly': True}, - 'weight': {'readonly': True, 'minimum': 0}, - 'max': {'readonly': True, 'minimum': 0}, - 'current': {'readonly': True, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'display_name': {'required': True}, + 'policy_definition_id': {'readonly': True}, + 'severity': {'required': True}, + 'assessment_type': {'required': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'healthy_resource_count': {'key': 'properties.healthyResourceCount', 'type': 'int'}, - 'unhealthy_resource_count': {'key': 'properties.unhealthyResourceCount', 'type': 'int'}, - 'not_applicable_resource_count': {'key': 'properties.notApplicableResourceCount', 'type': 'int'}, - 'weight': {'key': 'properties.weight', 'type': 'long'}, - 'definition': {'key': 'properties.definition', 'type': 'SecureScoreControlDefinitionItem'}, - 'max': {'key': 'properties.score.max', 'type': 'int'}, - 'current': {'key': 'properties.score.current', 'type': 'float'}, - 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, + 'categories': {'key': 'categories', 'type': '[str]'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'user_impact': {'key': 'userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, + 'threats': {'key': 'threats', 'type': '[str]'}, + 'preview': {'key': 'preview', 'type': 'bool'}, + 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, } def __init__( self, *, - definition: Optional["SecureScoreControlDefinitionItem"] = None, + display_name: str, + severity: Union[str, "Severity"], + assessment_type: Union[str, "AssessmentType"], + description: Optional[str] = None, + remediation_description: Optional[str] = None, + categories: Optional[List[Union[str, "Categories"]]] = None, + user_impact: Optional[Union[str, "UserImpact"]] = None, + implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, + threats: Optional[List[Union[str, "Threats"]]] = None, + preview: Optional[bool] = None, + partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, **kwargs ): - super(SecureScoreControlDetails, self).__init__(**kwargs) - self.display_name = None - self.healthy_resource_count = None - self.unhealthy_resource_count = None - self.not_applicable_resource_count = None - self.weight = None - self.definition = definition - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataProperties, self).__init__(**kwargs) + self.display_name = display_name + self.policy_definition_id = None + self.description = description + self.remediation_description = remediation_description + self.categories = categories + self.severity = severity + self.user_impact = user_impact + self.implementation_effort = implementation_effort + self.threats = threats + self.preview = preview + self.assessment_type = assessment_type + self.partner_data = partner_data -class SecureScoreControlList(msrest.serialization.Model): - """List of security controls. +class SecurityAssessmentMetadataPropertiesResponse(SecurityAssessmentMetadataProperties): + """Describes properties of an assessment metadata response. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of security controls in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreControlDetails] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param display_name: Required. User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: Required. The severity level of the assessment. Possible values include: + "Low", "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy + definition, Custom if the assessment based on custom Azure Policy definition. Possible values + include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param publish_dates: + :type publish_dates: + ~azure.mgmt.security.models.SecurityAssessmentMetadataPropertiesResponsePublishDates + :param planned_deprecation_date: + :type planned_deprecation_date: str + :param tactics: + :type tactics: list[str or ~azure.mgmt.security.models.Tactics] + :param techniques: + :type techniques: list[str or ~azure.mgmt.security.models.Techniques] """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'display_name': {'required': True}, + 'policy_definition_id': {'readonly': True}, + 'severity': {'required': True}, + 'assessment_type': {'required': True}, + 'planned_deprecation_date': {'pattern': r'^[0-9]{2}/[0-9]{4}$'}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreControlDetails]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'description', 'type': 'str'}, + 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, + 'categories': {'key': 'categories', 'type': '[str]'}, + 'severity': {'key': 'severity', 'type': 'str'}, + 'user_impact': {'key': 'userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, + 'threats': {'key': 'threats', 'type': '[str]'}, + 'preview': {'key': 'preview', 'type': 'bool'}, + 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'publish_dates': {'key': 'publishDates', 'type': 'SecurityAssessmentMetadataPropertiesResponsePublishDates'}, + 'planned_deprecation_date': {'key': 'plannedDeprecationDate', 'type': 'str'}, + 'tactics': {'key': 'tactics', 'type': '[str]'}, + 'techniques': {'key': 'techniques', 'type': '[str]'}, } def __init__( self, + *, + display_name: str, + severity: Union[str, "Severity"], + assessment_type: Union[str, "AssessmentType"], + description: Optional[str] = None, + remediation_description: Optional[str] = None, + categories: Optional[List[Union[str, "Categories"]]] = None, + user_impact: Optional[Union[str, "UserImpact"]] = None, + implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, + threats: Optional[List[Union[str, "Threats"]]] = None, + preview: Optional[bool] = None, + partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, + publish_dates: Optional["SecurityAssessmentMetadataPropertiesResponsePublishDates"] = None, + planned_deprecation_date: Optional[str] = None, + tactics: Optional[List[Union[str, "Tactics"]]] = None, + techniques: Optional[List[Union[str, "Techniques"]]] = None, **kwargs ): - super(SecureScoreControlList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(SecurityAssessmentMetadataPropertiesResponse, self).__init__(display_name=display_name, description=description, remediation_description=remediation_description, categories=categories, severity=severity, user_impact=user_impact, implementation_effort=implementation_effort, threats=threats, preview=preview, assessment_type=assessment_type, partner_data=partner_data, **kwargs) + self.publish_dates = publish_dates + self.planned_deprecation_date = planned_deprecation_date + self.tactics = tactics + self.techniques = techniques -class SecureScoreControlScore(msrest.serialization.Model): - """Calculation result data. +class SecurityAssessmentMetadataPropertiesResponsePublishDates(msrest.serialization.Model): + """SecurityAssessmentMetadataPropertiesResponsePublishDates. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar max: Maximum control score (0..10). - :vartype max: int - :ivar current: Actual score for the control = (achieved points / total points) * max score. if - total points is zeroed, the return number is 0.00. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + :param ga: + :type ga: str + :param public: Required. + :type public: str """ _validation = { - 'max': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'current': {'readonly': True, 'maximum': 10, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'ga': {'pattern': r'^([0-9]{2}/){2}[0-9]{4}$'}, + 'public': {'required': True, 'pattern': r'^([0-9]{2}/){2}[0-9]{4}$'}, } _attribute_map = { - 'max': {'key': 'max', 'type': 'int'}, - 'current': {'key': 'current', 'type': 'float'}, - 'percentage': {'key': 'percentage', 'type': 'float'}, + 'ga': {'key': 'GA', 'type': 'str'}, + 'public': {'key': 'public', 'type': 'str'}, } def __init__( self, + *, + public: str, + ga: Optional[str] = None, **kwargs ): - super(SecureScoreControlScore, self).__init__(**kwargs) - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataPropertiesResponsePublishDates, self).__init__(**kwargs) + self.ga = ga + self.public = public -class SecureScoreItem(Resource): - """Secure score item data model. +class SecurityAssessmentMetadataResponse(Resource): + """Security assessment metadata response. Variables are only populated by the server, and will be ignored when sending a request. @@ -8180,29 +9512,54 @@ class SecureScoreItem(Resource): :vartype name: str :ivar type: Resource type. :vartype type: str - :ivar display_name: The initiative’s name. - :vartype display_name: str - :ivar weight: The relative weight for each subscription. Used when calculating an aggregated - secure score for multiple subscriptions. - :vartype weight: long - :ivar max: Maximum score available. - :vartype max: int - :ivar current: Current score. - :vartype current: float - :ivar percentage: Ratio of the current score divided by the maximum. Rounded to 4 digits after - the decimal point. - :vartype percentage: float + :param display_name: User friendly display name of the assessment. + :type display_name: str + :ivar policy_definition_id: Azure resource ID of the policy definition that turns this + assessment calculation on. + :vartype policy_definition_id: str + :param description: Human readable description of the assessment. + :type description: str + :param remediation_description: Human readable description of what you should do to mitigate + this security issue. + :type remediation_description: str + :param categories: + :type categories: list[str or ~azure.mgmt.security.models.Categories] + :param severity: The severity level of the assessment. Possible values include: "Low", + "Medium", "High". + :type severity: str or ~azure.mgmt.security.models.Severity + :param user_impact: The user impact of the assessment. Possible values include: "Low", + "Moderate", "High". + :type user_impact: str or ~azure.mgmt.security.models.UserImpact + :param implementation_effort: The implementation effort required to remediate this assessment. + Possible values include: "Low", "Moderate", "High". + :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort + :param threats: + :type threats: list[str or ~azure.mgmt.security.models.Threats] + :param preview: True if this assessment is in preview release status. + :type preview: bool + :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, + Custom if the assessment based on custom Azure Policy definition. Possible values include: + "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". + :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType + :param partner_data: Describes the partner that created the assessment. + :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param publish_dates: + :type publish_dates: + ~azure.mgmt.security.models.SecurityAssessmentMetadataPropertiesResponsePublishDates + :param planned_deprecation_date: + :type planned_deprecation_date: str + :param tactics: + :type tactics: list[str or ~azure.mgmt.security.models.Tactics] + :param techniques: + :type techniques: list[str or ~azure.mgmt.security.models.Techniques] """ _validation = { 'id': {'readonly': True}, 'name': {'readonly': True}, 'type': {'readonly': True}, - 'display_name': {'readonly': True}, - 'weight': {'readonly': True, 'minimum': 0}, - 'max': {'readonly': True, 'minimum': 0}, - 'current': {'readonly': True, 'minimum': 0}, - 'percentage': {'readonly': True, 'maximum': 1, 'minimum': 0}, + 'policy_definition_id': {'readonly': True}, + 'planned_deprecation_date': {'pattern': r'^[0-9]{2}/[0-9]{4}$'}, } _attribute_map = { @@ -8210,31 +9567,69 @@ class SecureScoreItem(Resource): 'name': {'key': 'name', 'type': 'str'}, 'type': {'key': 'type', 'type': 'str'}, 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'weight': {'key': 'properties.weight', 'type': 'long'}, - 'max': {'key': 'properties.score.max', 'type': 'int'}, - 'current': {'key': 'properties.score.current', 'type': 'float'}, - 'percentage': {'key': 'properties.score.percentage', 'type': 'float'}, + 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, + 'description': {'key': 'properties.description', 'type': 'str'}, + 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, + 'categories': {'key': 'properties.categories', 'type': '[str]'}, + 'severity': {'key': 'properties.severity', 'type': 'str'}, + 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, + 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, + 'threats': {'key': 'properties.threats', 'type': '[str]'}, + 'preview': {'key': 'properties.preview', 'type': 'bool'}, + 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, + 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'publish_dates': {'key': 'properties.publishDates', 'type': 'SecurityAssessmentMetadataPropertiesResponsePublishDates'}, + 'planned_deprecation_date': {'key': 'properties.plannedDeprecationDate', 'type': 'str'}, + 'tactics': {'key': 'properties.tactics', 'type': '[str]'}, + 'techniques': {'key': 'properties.techniques', 'type': '[str]'}, } def __init__( self, + *, + display_name: Optional[str] = None, + description: Optional[str] = None, + remediation_description: Optional[str] = None, + categories: Optional[List[Union[str, "Categories"]]] = None, + severity: Optional[Union[str, "Severity"]] = None, + user_impact: Optional[Union[str, "UserImpact"]] = None, + implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, + threats: Optional[List[Union[str, "Threats"]]] = None, + preview: Optional[bool] = None, + assessment_type: Optional[Union[str, "AssessmentType"]] = None, + partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, + publish_dates: Optional["SecurityAssessmentMetadataPropertiesResponsePublishDates"] = None, + planned_deprecation_date: Optional[str] = None, + tactics: Optional[List[Union[str, "Tactics"]]] = None, + techniques: Optional[List[Union[str, "Techniques"]]] = None, **kwargs ): - super(SecureScoreItem, self).__init__(**kwargs) - self.display_name = None - self.weight = None - self.max = None - self.current = None - self.percentage = None + super(SecurityAssessmentMetadataResponse, self).__init__(**kwargs) + self.display_name = display_name + self.policy_definition_id = None + self.description = description + self.remediation_description = remediation_description + self.categories = categories + self.severity = severity + self.user_impact = user_impact + self.implementation_effort = implementation_effort + self.threats = threats + self.preview = preview + self.assessment_type = assessment_type + self.partner_data = partner_data + self.publish_dates = publish_dates + self.planned_deprecation_date = planned_deprecation_date + self.tactics = tactics + self.techniques = techniques -class SecureScoresList(msrest.serialization.Model): - """List of secure scores. +class SecurityAssessmentMetadataResponseList(msrest.serialization.Model): + """List of security assessment metadata. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of secure scores in this page. - :vartype value: list[~azure.mgmt.security.models.SecureScoreItem] + :ivar value: + :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentMetadataResponse] :ivar next_link: The URI to fetch the next page. :vartype next_link: str """ @@ -8245,7 +9640,7 @@ class SecureScoresList(msrest.serialization.Model): } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecureScoreItem]'}, + 'value': {'key': 'value', 'type': '[SecurityAssessmentMetadataResponse]'}, 'next_link': {'key': 'nextLink', 'type': 'str'}, } @@ -8253,28 +9648,55 @@ def __init__( self, **kwargs ): - super(SecureScoresList, self).__init__(**kwargs) + super(SecurityAssessmentMetadataResponseList, self).__init__(**kwargs) self.value = None self.next_link = None -class SecurityAssessment(Resource): - """Security assessment on a resource. +class SecurityAssessmentPartnerData(msrest.serialization.Model): + """Data regarding 3rd party partner integration. + + All required parameters must be populated in order to send to Azure. + + :param partner_name: Required. Name of the company of the partner. + :type partner_name: str + :param secret: Required. secret to authenticate the partner - write only. + :type secret: str + """ + + _validation = { + 'partner_name': {'required': True}, + 'secret': {'required': True}, + } + + _attribute_map = { + 'partner_name': {'key': 'partnerName', 'type': 'str'}, + 'secret': {'key': 'secret', 'type': 'str'}, + } + + def __init__( + self, + *, + partner_name: str, + secret: str, + **kwargs + ): + super(SecurityAssessmentPartnerData, self).__init__(**kwargs) + self.partner_name = partner_name + self.secret = secret + + +class SecurityAssessmentPropertiesBase(msrest.serialization.Model): + """Describes properties of an assessment. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param resource_details: Details of the resource that was assessed. + All required parameters must be populated in order to send to Azure. + + :param resource_details: Required. Details of the resource that was assessed. :type resource_details: ~azure.mgmt.security.models.ResourceDetails :ivar display_name: User friendly display name of the assessment. :vartype display_name: str - :param status: The result of the assessment. - :type status: ~azure.mgmt.security.models.AssessmentStatus :param additional_data: Additional data regarding the assessment. :type additional_data: dict[str, str] :ivar links: Links relevant to the assessment. @@ -8286,369 +9708,366 @@ class SecurityAssessment(Resource): """ _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, + 'resource_details': {'required': True}, 'display_name': {'readonly': True}, 'links': {'readonly': True}, } _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'status': {'key': 'properties.status', 'type': 'AssessmentStatus'}, - 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, - 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, - 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, - 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, } def __init__( self, *, - resource_details: Optional["ResourceDetails"] = None, - status: Optional["AssessmentStatus"] = None, + resource_details: "ResourceDetails", additional_data: Optional[Dict[str, str]] = None, metadata: Optional["SecurityAssessmentMetadataProperties"] = None, partners_data: Optional["SecurityAssessmentPartnerData"] = None, **kwargs ): - super(SecurityAssessment, self).__init__(**kwargs) + super(SecurityAssessmentPropertiesBase, self).__init__(**kwargs) self.resource_details = resource_details self.display_name = None - self.status = status self.additional_data = additional_data self.links = None self.metadata = metadata self.partners_data = partners_data -class SecurityAssessmentList(msrest.serialization.Model): - """Page of a security assessments list. +class SecurityAssessmentProperties(SecurityAssessmentPropertiesBase): + """Describes properties of an assessment. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: Collection of security assessments in this page. - :vartype value: list[~azure.mgmt.security.models.SecurityAssessment] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + All required parameters must be populated in order to send to Azure. + + :param resource_details: Required. Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: Required. The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatus """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, + 'status': {'required': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecurityAssessment]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'status', 'type': 'AssessmentStatus'}, } def __init__( self, + *, + resource_details: "ResourceDetails", + status: "AssessmentStatus", + additional_data: Optional[Dict[str, str]] = None, + metadata: Optional["SecurityAssessmentMetadataProperties"] = None, + partners_data: Optional["SecurityAssessmentPartnerData"] = None, **kwargs ): - super(SecurityAssessmentList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(SecurityAssessmentProperties, self).__init__(resource_details=resource_details, additional_data=additional_data, metadata=metadata, partners_data=partners_data, **kwargs) + self.status = status -class SecurityAssessmentMetadata(Resource): - """Security assessment metadata. +class SecurityAssessmentPropertiesResponse(SecurityAssessmentPropertiesBase): + """Describes properties of an assessment. Variables are only populated by the server, and will be ignored when sending a request. - :ivar id: Resource Id. - :vartype id: str - :ivar name: Resource name. - :vartype name: str - :ivar type: Resource type. - :vartype type: str - :param display_name: User friendly display name of the assessment. - :type display_name: str - :ivar policy_definition_id: Azure resource ID of the policy definition that turns this - assessment calculation on. - :vartype policy_definition_id: str - :param description: Human readable description of the assessment. - :type description: str - :param remediation_description: Human readable description of what you should do to mitigate - this security issue. - :type remediation_description: str - :param categories: - :type categories: list[str or ~azure.mgmt.security.models.Categories] - :param severity: The severity level of the assessment. Possible values include: "Low", - "Medium", "High". - :type severity: str or ~azure.mgmt.security.models.Severity - :param user_impact: The user impact of the assessment. Possible values include: "Low", - "Moderate", "High". - :type user_impact: str or ~azure.mgmt.security.models.UserImpact - :param implementation_effort: The implementation effort required to remediate this assessment. - Possible values include: "Low", "Moderate", "High". - :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort - :param threats: - :type threats: list[str or ~azure.mgmt.security.models.Threats] - :param preview: True if this assessment is in preview release status. - :type preview: bool - :param assessment_type: BuiltIn if the assessment based on built-in Azure Policy definition, - Custom if the assessment based on custom Azure Policy definition. Possible values include: - "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". - :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType - :param partner_data: Describes the partner that created the assessment. - :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData - """ - - _validation = { - 'id': {'readonly': True}, - 'name': {'readonly': True}, - 'type': {'readonly': True}, - 'policy_definition_id': {'readonly': True}, - } + All required parameters must be populated in order to send to Azure. - _attribute_map = { - 'id': {'key': 'id', 'type': 'str'}, - 'name': {'key': 'name', 'type': 'str'}, - 'type': {'key': 'type', 'type': 'str'}, - 'display_name': {'key': 'properties.displayName', 'type': 'str'}, - 'policy_definition_id': {'key': 'properties.policyDefinitionId', 'type': 'str'}, - 'description': {'key': 'properties.description', 'type': 'str'}, - 'remediation_description': {'key': 'properties.remediationDescription', 'type': 'str'}, - 'categories': {'key': 'properties.categories', 'type': '[str]'}, - 'severity': {'key': 'properties.severity', 'type': 'str'}, - 'user_impact': {'key': 'properties.userImpact', 'type': 'str'}, - 'implementation_effort': {'key': 'properties.implementationEffort', 'type': 'str'}, - 'threats': {'key': 'properties.threats', 'type': '[str]'}, - 'preview': {'key': 'properties.preview', 'type': 'bool'}, - 'assessment_type': {'key': 'properties.assessmentType', 'type': 'str'}, - 'partner_data': {'key': 'properties.partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + :param resource_details: Required. Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: Required. The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatusResponse + """ + + _validation = { + 'resource_details': {'required': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, + 'status': {'required': True}, + } + + _attribute_map = { + 'resource_details': {'key': 'resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'displayName', 'type': 'str'}, + 'additional_data': {'key': 'additionalData', 'type': '{str}'}, + 'links': {'key': 'links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'status', 'type': 'AssessmentStatusResponse'}, } def __init__( self, *, - display_name: Optional[str] = None, - description: Optional[str] = None, - remediation_description: Optional[str] = None, - categories: Optional[List[Union[str, "Categories"]]] = None, - severity: Optional[Union[str, "Severity"]] = None, - user_impact: Optional[Union[str, "UserImpact"]] = None, - implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, - threats: Optional[List[Union[str, "Threats"]]] = None, - preview: Optional[bool] = None, - assessment_type: Optional[Union[str, "AssessmentType"]] = None, - partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, + resource_details: "ResourceDetails", + status: "AssessmentStatusResponse", + additional_data: Optional[Dict[str, str]] = None, + metadata: Optional["SecurityAssessmentMetadataProperties"] = None, + partners_data: Optional["SecurityAssessmentPartnerData"] = None, **kwargs ): - super(SecurityAssessmentMetadata, self).__init__(**kwargs) - self.display_name = display_name - self.policy_definition_id = None - self.description = description - self.remediation_description = remediation_description - self.categories = categories - self.severity = severity - self.user_impact = user_impact - self.implementation_effort = implementation_effort - self.threats = threats - self.preview = preview - self.assessment_type = assessment_type - self.partner_data = partner_data + super(SecurityAssessmentPropertiesResponse, self).__init__(resource_details=resource_details, additional_data=additional_data, metadata=metadata, partners_data=partners_data, **kwargs) + self.status = status -class SecurityAssessmentMetadataList(msrest.serialization.Model): - """List of security assessment metadata. +class SecurityAssessmentResponse(Resource): + """Security assessment on a resource - response format. Variables are only populated by the server, and will be ignored when sending a request. - :ivar value: - :vartype value: list[~azure.mgmt.security.models.SecurityAssessmentMetadata] - :ivar next_link: The URI to fetch the next page. - :vartype next_link: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param resource_details: Details of the resource that was assessed. + :type resource_details: ~azure.mgmt.security.models.ResourceDetails + :ivar display_name: User friendly display name of the assessment. + :vartype display_name: str + :param additional_data: Additional data regarding the assessment. + :type additional_data: dict[str, str] + :ivar links: Links relevant to the assessment. + :vartype links: ~azure.mgmt.security.models.AssessmentLinks + :param metadata: Describes properties of an assessment metadata. + :type metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataProperties + :param partners_data: Data regarding 3rd party partner integration. + :type partners_data: ~azure.mgmt.security.models.SecurityAssessmentPartnerData + :param status: The result of the assessment. + :type status: ~azure.mgmt.security.models.AssessmentStatusResponse """ _validation = { - 'value': {'readonly': True}, - 'next_link': {'readonly': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'display_name': {'readonly': True}, + 'links': {'readonly': True}, } _attribute_map = { - 'value': {'key': 'value', 'type': '[SecurityAssessmentMetadata]'}, - 'next_link': {'key': 'nextLink', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'resource_details': {'key': 'properties.resourceDetails', 'type': 'ResourceDetails'}, + 'display_name': {'key': 'properties.displayName', 'type': 'str'}, + 'additional_data': {'key': 'properties.additionalData', 'type': '{str}'}, + 'links': {'key': 'properties.links', 'type': 'AssessmentLinks'}, + 'metadata': {'key': 'properties.metadata', 'type': 'SecurityAssessmentMetadataProperties'}, + 'partners_data': {'key': 'properties.partnersData', 'type': 'SecurityAssessmentPartnerData'}, + 'status': {'key': 'properties.status', 'type': 'AssessmentStatusResponse'}, } def __init__( self, + *, + resource_details: Optional["ResourceDetails"] = None, + additional_data: Optional[Dict[str, str]] = None, + metadata: Optional["SecurityAssessmentMetadataProperties"] = None, + partners_data: Optional["SecurityAssessmentPartnerData"] = None, + status: Optional["AssessmentStatusResponse"] = None, **kwargs ): - super(SecurityAssessmentMetadataList, self).__init__(**kwargs) - self.value = None - self.next_link = None + super(SecurityAssessmentResponse, self).__init__(**kwargs) + self.resource_details = resource_details + self.display_name = None + self.additional_data = additional_data + self.links = None + self.metadata = metadata + self.partners_data = partners_data + self.status = status -class SecurityAssessmentMetadataPartnerData(msrest.serialization.Model): - """Describes the partner that created the assessment. +class SecurityConnector(TrackedResource): + """The security connector resource. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :param partner_name: Required. Name of the company of the partner. - :type partner_name: str - :param product_name: Name of the product of the partner that created the assessment. - :type product_name: str - :param secret: Required. Secret to authenticate the partner and verify it created the - assessment - write only. - :type secret: str + :param tags: A set of tags. A list of key value pairs that describe the resource. + :type tags: dict[str, str] + :param etag: Entity tag is used for comparing two or more entities from the same requested + resource. + :type etag: str + :param kind: Kind of the resource. + :type kind: str + :param location: Location where the resource is stored. + :type location: str + :ivar id: Resource Id. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.security.models.SystemData + :param hierarchy_identifier: The multi cloud resource identifier (account id in case of AWS + connector). + :type hierarchy_identifier: str + :param cloud_name: The multi cloud resource's cloud name. Possible values include: "Azure", + "AWS", "GCP". + :type cloud_name: str or ~azure.mgmt.security.models.CloudName + :param offerings: A collection of offerings for the security connector. + :type offerings: list[~azure.mgmt.security.models.CloudOffering] + :param organizational_data: The multi cloud account's organizational data. + :type organizational_data: + ~azure.mgmt.security.models.SecurityConnectorPropertiesOrganizationalData """ _validation = { - 'partner_name': {'required': True}, - 'secret': {'required': True}, + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'system_data': {'readonly': True}, } _attribute_map = { - 'partner_name': {'key': 'partnerName', 'type': 'str'}, - 'product_name': {'key': 'productName', 'type': 'str'}, - 'secret': {'key': 'secret', 'type': 'str'}, + 'tags': {'key': 'tags', 'type': '{str}'}, + 'etag': {'key': 'etag', 'type': 'str'}, + 'kind': {'key': 'kind', 'type': 'str'}, + 'location': {'key': 'location', 'type': 'str'}, + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'system_data': {'key': 'systemData', 'type': 'SystemData'}, + 'hierarchy_identifier': {'key': 'properties.hierarchyIdentifier', 'type': 'str'}, + 'cloud_name': {'key': 'properties.cloudName', 'type': 'str'}, + 'offerings': {'key': 'properties.offerings', 'type': '[CloudOffering]'}, + 'organizational_data': {'key': 'properties.organizationalData', 'type': 'SecurityConnectorPropertiesOrganizationalData'}, } def __init__( self, *, - partner_name: str, - secret: str, - product_name: Optional[str] = None, + tags: Optional[Dict[str, str]] = None, + etag: Optional[str] = None, + kind: Optional[str] = None, + location: Optional[str] = None, + hierarchy_identifier: Optional[str] = None, + cloud_name: Optional[Union[str, "CloudName"]] = None, + offerings: Optional[List["CloudOffering"]] = None, + organizational_data: Optional["SecurityConnectorPropertiesOrganizationalData"] = None, **kwargs ): - super(SecurityAssessmentMetadataPartnerData, self).__init__(**kwargs) - self.partner_name = partner_name - self.product_name = product_name - self.secret = secret - - -class SecurityAssessmentMetadataProperties(msrest.serialization.Model): - """Describes properties of an assessment metadata. + super(SecurityConnector, self).__init__(tags=tags, etag=etag, kind=kind, location=location, **kwargs) + self.system_data = None + self.hierarchy_identifier = hierarchy_identifier + self.cloud_name = cloud_name + self.offerings = offerings + self.organizational_data = organizational_data - Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. +class SecurityConnectorPropertiesOrganizationalData(msrest.serialization.Model): + """The multi cloud account's organizational data. - :param display_name: Required. User friendly display name of the assessment. - :type display_name: str - :ivar policy_definition_id: Azure resource ID of the policy definition that turns this - assessment calculation on. - :vartype policy_definition_id: str - :param description: Human readable description of the assessment. - :type description: str - :param remediation_description: Human readable description of what you should do to mitigate - this security issue. - :type remediation_description: str - :param categories: - :type categories: list[str or ~azure.mgmt.security.models.Categories] - :param severity: Required. The severity level of the assessment. Possible values include: - "Low", "Medium", "High". - :type severity: str or ~azure.mgmt.security.models.Severity - :param user_impact: The user impact of the assessment. Possible values include: "Low", - "Moderate", "High". - :type user_impact: str or ~azure.mgmt.security.models.UserImpact - :param implementation_effort: The implementation effort required to remediate this assessment. - Possible values include: "Low", "Moderate", "High". - :type implementation_effort: str or ~azure.mgmt.security.models.ImplementationEffort - :param threats: - :type threats: list[str or ~azure.mgmt.security.models.Threats] - :param preview: True if this assessment is in preview release status. - :type preview: bool - :param assessment_type: Required. BuiltIn if the assessment based on built-in Azure Policy - definition, Custom if the assessment based on custom Azure Policy definition. Possible values - include: "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner". - :type assessment_type: str or ~azure.mgmt.security.models.AssessmentType - :param partner_data: Describes the partner that created the assessment. - :type partner_data: ~azure.mgmt.security.models.SecurityAssessmentMetadataPartnerData + :param organization_membership_type: The multi cloud account's membership type in the + organization. Possible values include: "Member", "Organization". + :type organization_membership_type: str or + ~azure.mgmt.security.models.OrganizationMembershipType + :param parent_hierarchy_id: If the multi cloud account is not of membership type organization, + this will be the ID of the account's parent. + :type parent_hierarchy_id: str + :param stackset_name: If the multi cloud account is of membership type organization, this will + be the name of the onboarding stackset. + :type stackset_name: str + :param excluded_account_ids: If the multi cloud account is of membership type organization, + list of accounts excluded from offering. + :type excluded_account_ids: list[str] """ - _validation = { - 'display_name': {'required': True}, - 'policy_definition_id': {'readonly': True}, - 'severity': {'required': True}, - 'assessment_type': {'required': True}, - } - _attribute_map = { - 'display_name': {'key': 'displayName', 'type': 'str'}, - 'policy_definition_id': {'key': 'policyDefinitionId', 'type': 'str'}, - 'description': {'key': 'description', 'type': 'str'}, - 'remediation_description': {'key': 'remediationDescription', 'type': 'str'}, - 'categories': {'key': 'categories', 'type': '[str]'}, - 'severity': {'key': 'severity', 'type': 'str'}, - 'user_impact': {'key': 'userImpact', 'type': 'str'}, - 'implementation_effort': {'key': 'implementationEffort', 'type': 'str'}, - 'threats': {'key': 'threats', 'type': '[str]'}, - 'preview': {'key': 'preview', 'type': 'bool'}, - 'assessment_type': {'key': 'assessmentType', 'type': 'str'}, - 'partner_data': {'key': 'partnerData', 'type': 'SecurityAssessmentMetadataPartnerData'}, + 'organization_membership_type': {'key': 'organizationMembershipType', 'type': 'str'}, + 'parent_hierarchy_id': {'key': 'parentHierarchyId', 'type': 'str'}, + 'stackset_name': {'key': 'stacksetName', 'type': 'str'}, + 'excluded_account_ids': {'key': 'excludedAccountIds', 'type': '[str]'}, } def __init__( self, *, - display_name: str, - severity: Union[str, "Severity"], - assessment_type: Union[str, "AssessmentType"], - description: Optional[str] = None, - remediation_description: Optional[str] = None, - categories: Optional[List[Union[str, "Categories"]]] = None, - user_impact: Optional[Union[str, "UserImpact"]] = None, - implementation_effort: Optional[Union[str, "ImplementationEffort"]] = None, - threats: Optional[List[Union[str, "Threats"]]] = None, - preview: Optional[bool] = None, - partner_data: Optional["SecurityAssessmentMetadataPartnerData"] = None, + organization_membership_type: Optional[Union[str, "OrganizationMembershipType"]] = None, + parent_hierarchy_id: Optional[str] = None, + stackset_name: Optional[str] = None, + excluded_account_ids: Optional[List[str]] = None, **kwargs ): - super(SecurityAssessmentMetadataProperties, self).__init__(**kwargs) - self.display_name = display_name - self.policy_definition_id = None - self.description = description - self.remediation_description = remediation_description - self.categories = categories - self.severity = severity - self.user_impact = user_impact - self.implementation_effort = implementation_effort - self.threats = threats - self.preview = preview - self.assessment_type = assessment_type - self.partner_data = partner_data + super(SecurityConnectorPropertiesOrganizationalData, self).__init__(**kwargs) + self.organization_membership_type = organization_membership_type + self.parent_hierarchy_id = parent_hierarchy_id + self.stackset_name = stackset_name + self.excluded_account_ids = excluded_account_ids -class SecurityAssessmentPartnerData(msrest.serialization.Model): - """Data regarding 3rd party partner integration. +class SecurityConnectorsList(msrest.serialization.Model): + """List of security connectors response. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :param partner_name: Required. Name of the company of the partner. - :type partner_name: str - :param secret: Required. secret to authenticate the partner - write only. - :type secret: str + :param value: Required. The list of security connectors under the given scope. + :type value: list[~azure.mgmt.security.models.SecurityConnector] + :ivar next_link: The URI to fetch the next page. + :vartype next_link: str """ _validation = { - 'partner_name': {'required': True}, - 'secret': {'required': True}, + 'value': {'required': True}, + 'next_link': {'readonly': True}, } _attribute_map = { - 'partner_name': {'key': 'partnerName', 'type': 'str'}, - 'secret': {'key': 'secret', 'type': 'str'}, + 'value': {'key': 'value', 'type': '[SecurityConnector]'}, + 'next_link': {'key': 'nextLink', 'type': 'str'}, } def __init__( self, *, - partner_name: str, - secret: str, + value: List["SecurityConnector"], **kwargs ): - super(SecurityAssessmentPartnerData, self).__init__(**kwargs) - self.partner_name = partner_name - self.secret = secret + super(SecurityConnectorsList, self).__init__(**kwargs) + self.value = value + self.next_link = None class SecurityContact(Resource): diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py index 5a8510226b69..320fc7953e08 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/models/_security_center_enums.py @@ -200,6 +200,14 @@ class Categories(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): IDENTITY_AND_ACCESS = "IdentityAndAccess" IO_T = "IoT" +class CloudName(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The multi cloud resource's cloud name. + """ + + AZURE = "Azure" + AWS = "AWS" + GCP = "GCP" + class ConfigurationStatus(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """The configuration status of the machines group or machine or rule """ @@ -271,7 +279,7 @@ class EnforcementSupport(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): NOT_SUPPORTED = "NotSupported" UNKNOWN = "Unknown" -class Enum13(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): +class Enum17(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): ACTIVATE = "Activate" DISMISS = "Dismiss" @@ -279,12 +287,12 @@ class Enum13(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): RESOLVE = "Resolve" CLOSE = "Close" -class Enum15(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): +class Enum19(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): EFFECTIVE = "effective" CUSTOM = "custom" -class Enum69(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): +class Enum75(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): MCAS = "MCAS" WDATP = "WDATP" @@ -296,7 +304,9 @@ class EventSource(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """ ASSESSMENTS = "Assessments" + ASSESSMENTS_SNAPSHOT = "AssessmentsSnapshot" SUB_ASSESSMENTS = "SubAssessments" + SUB_ASSESSMENTS_SNAPSHOT = "SubAssessmentsSnapshot" ALERTS = "Alerts" SECURE_SCORES = "SecureScores" SECURE_SCORES_SNAPSHOT = "SecureScoresSnapshot" @@ -360,6 +370,14 @@ class ImplementationEffort(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): MODERATE = "Moderate" HIGH = "High" +class ImplementationEffortEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The implementation effort to relate to the assessments generated by this assessment automation. + """ + + HIGH = "High" + MODERATE = "Moderate" + LOW = "Low" + class Intent(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents. @@ -425,6 +443,14 @@ class KindEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): #: Simulate alerts according to bundles. BUNDLES = "Bundles" +class OfferingType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The type of the security offering. + """ + + CSPM_MONITOR_AWS = "CspmMonitorAws" + DEFENDER_FOR_CONTAINERS_AWS = "DefenderForContainersAws" + DEFENDER_FOR_SERVERS_AWS = "DefenderForServersAws" + class Operator(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType. @@ -449,6 +475,13 @@ class Operator(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): #: Applies only for non-decimal operands. ENDS_WITH = "EndsWith" +class OrganizationMembershipType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The multi cloud account's membership type in the organization + """ + + MEMBER = "Member" + ORGANIZATION = "Organization" + class PermissionProperty(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """A permission detected in the cloud account. """ @@ -723,6 +756,14 @@ class Severity(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): MEDIUM = "Medium" HIGH = "High" +class SeverityEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The severity to relate to the assessments generated by this assessment automation. + """ + + HIGH = "High" + MEDIUM = "Medium" + LOW = "Low" + class Source(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """The platform where the assessed resource resides """ @@ -784,6 +825,140 @@ class SubAssessmentStatusCode(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum #: Assessment for this resource did not happen. NOT_APPLICABLE = "NotApplicable" +class SupportedCloudEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """Relevant cloud for the custom assessment automation. + """ + + AWS = "AWS" + +class Tactics(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """Tactic of the assessment + """ + + RECONNAISSANCE = "Reconnaissance" + RESOURCE_DEVELOPMENT = "Resource Development" + INITIAL_ACCESS = "Initial Access" + EXECUTION = "Execution" + PERSISTENCE = "Persistence" + PRIVILEGE_ESCALATION = "Privilege Escalation" + DEFENSE_EVASION = "Defense Evasion" + CREDENTIAL_ACCESS = "Credential Access" + DISCOVERY = "Discovery" + LATERAL_MOVEMENT = "Lateral Movement" + COLLECTION = "Collection" + COMMAND_AND_CONTROL = "Command and Control" + EXFILTRATION = "Exfiltration" + IMPACT = "Impact" + +class Techniques(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """Techniques of the assessment + """ + + ABUSE_ELEVATION_CONTROL_MECHANISM = "Abuse Elevation Control Mechanism" + ACCESS_TOKEN_MANIPULATION = "Access Token Manipulation" + ACCOUNT_DISCOVERY = "Account Discovery" + ACCOUNT_MANIPULATION = "Account Manipulation" + ACTIVE_SCANNING = "Active Scanning" + APPLICATION_LAYER_PROTOCOL = "Application Layer Protocol" + AUDIO_CAPTURE = "Audio Capture" + BOOT_OR_LOGON_AUTOSTART_EXECUTION = "Boot or Logon Autostart Execution" + BOOT_OR_LOGON_INITIALIZATION_SCRIPTS = "Boot or Logon Initialization Scripts" + BRUTE_FORCE = "Brute Force" + CLOUD_INFRASTRUCTURE_DISCOVERY = "Cloud Infrastructure Discovery" + CLOUD_SERVICE_DASHBOARD = "Cloud Service Dashboard" + CLOUD_SERVICE_DISCOVERY = "Cloud Service Discovery" + COMMAND_AND_SCRIPTING_INTERPRETER = "Command and Scripting Interpreter" + COMPROMISE_CLIENT_SOFTWARE_BINARY = "Compromise Client Software Binary" + COMPROMISE_INFRASTRUCTURE = "Compromise Infrastructure" + CONTAINER_AND_RESOURCE_DISCOVERY = "Container and Resource Discovery" + CREATE_ACCOUNT = "Create Account" + CREATE_OR_MODIFY_SYSTEM_PROCESS = "Create or Modify System Process" + CREDENTIALS_FROM_PASSWORD_STORES = "Credentials from Password Stores" + DATA_DESTRUCTION = "Data Destruction" + DATA_ENCRYPTED_FOR_IMPACT = "Data Encrypted for Impact" + DATA_FROM_CLOUD_STORAGE_OBJECT = "Data from Cloud Storage Object" + DATA_FROM_CONFIGURATION_REPOSITORY = "Data from Configuration Repository" + DATA_FROM_INFORMATION_REPOSITORIES = "Data from Information Repositories" + DATA_FROM_LOCAL_SYSTEM = "Data from Local System" + DATA_MANIPULATION = "Data Manipulation" + DATA_STAGED = "Data Staged" + DEFACEMENT = "Defacement" + DEOBFUSCATE_DECODE_FILES_OR_INFORMATION = "Deobfuscate/Decode Files or Information" + DISK_WIPE = "Disk Wipe" + DOMAIN_TRUST_DISCOVERY = "Domain Trust Discovery" + DRIVE_BY_COMPROMISE = "Drive-by Compromise" + DYNAMIC_RESOLUTION = "Dynamic Resolution" + ENDPOINT_DENIAL_OF_SERVICE = "Endpoint Denial of Service" + EVENT_TRIGGERED_EXECUTION = "Event Triggered Execution" + EXFILTRATION_OVER_ALTERNATIVE_PROTOCOL = "Exfiltration Over Alternative Protocol" + EXPLOIT_PUBLIC_FACING_APPLICATION = "Exploit Public-Facing Application" + EXPLOITATION_FOR_CLIENT_EXECUTION = "Exploitation for Client Execution" + EXPLOITATION_FOR_CREDENTIAL_ACCESS = "Exploitation for Credential Access" + EXPLOITATION_FOR_DEFENSE_EVASION = "Exploitation for Defense Evasion" + EXPLOITATION_FOR_PRIVILEGE_ESCALATION = "Exploitation for Privilege Escalation" + EXPLOITATION_OF_REMOTE_SERVICES = "Exploitation of Remote Services" + EXTERNAL_REMOTE_SERVICES = "External Remote Services" + FALLBACK_CHANNELS = "Fallback Channels" + FILE_AND_DIRECTORY_DISCOVERY = "File and Directory Discovery" + GATHER_VICTIM_NETWORK_INFORMATION = "Gather Victim Network Information" + HIDE_ARTIFACTS = "Hide Artifacts" + HIJACK_EXECUTION_FLOW = "Hijack Execution Flow" + IMPAIR_DEFENSES = "Impair Defenses" + IMPLANT_CONTAINER_IMAGE = "Implant Container Image" + INDICATOR_REMOVAL_ON_HOST = "Indicator Removal on Host" + INDIRECT_COMMAND_EXECUTION = "Indirect Command Execution" + INGRESS_TOOL_TRANSFER = "Ingress Tool Transfer" + INPUT_CAPTURE = "Input Capture" + INTER_PROCESS_COMMUNICATION = "Inter-Process Communication" + LATERAL_TOOL_TRANSFER = "Lateral Tool Transfer" + MAN_IN_THE_MIDDLE = "Man-in-the-Middle" + MASQUERADING = "Masquerading" + MODIFY_AUTHENTICATION_PROCESS = "Modify Authentication Process" + MODIFY_REGISTRY = "Modify Registry" + NETWORK_DENIAL_OF_SERVICE = "Network Denial of Service" + NETWORK_SERVICE_SCANNING = "Network Service Scanning" + NETWORK_SNIFFING = "Network Sniffing" + NON_APPLICATION_LAYER_PROTOCOL = "Non-Application Layer Protocol" + NON_STANDARD_PORT = "Non-Standard Port" + OBTAIN_CAPABILITIES = "Obtain Capabilities" + OBFUSCATED_FILES_OR_INFORMATION = "Obfuscated Files or Information" + OFFICE_APPLICATION_STARTUP = "Office Application Startup" + OS_CREDENTIAL_DUMPING = "OS Credential Dumping" + PERMISSION_GROUPS_DISCOVERY = "Permission Groups Discovery" + PHISHING = "Phishing" + PRE_OS_BOOT = "Pre-OS Boot" + PROCESS_DISCOVERY = "Process Discovery" + PROCESS_INJECTION = "Process Injection" + PROTOCOL_TUNNELING = "Protocol Tunneling" + PROXY = "Proxy" + QUERY_REGISTRY = "Query Registry" + REMOTE_ACCESS_SOFTWARE = "Remote Access Software" + REMOTE_SERVICE_SESSION_HIJACKING = "Remote Service Session Hijacking" + REMOTE_SERVICES = "Remote Services" + REMOTE_SYSTEM_DISCOVERY = "Remote System Discovery" + RESOURCE_HIJACKING = "Resource Hijacking" + SCHEDULED_TASK_JOB = "Scheduled Task/Job" + SCREEN_CAPTURE = "Screen Capture" + SEARCH_VICTIM_OWNED_WEBSITES = "Search Victim-Owned Websites" + SERVER_SOFTWARE_COMPONENT = "Server Software Component" + SERVICE_STOP = "Service Stop" + SIGNED_BINARY_PROXY_EXECUTION = "Signed Binary Proxy Execution" + SOFTWARE_DEPLOYMENT_TOOLS = "Software Deployment Tools" + SQL_STORED_PROCEDURES = "SQL Stored Procedures" + STEAL_OR_FORGE_KERBEROS_TICKETS = "Steal or Forge Kerberos Tickets" + SUBVERT_TRUST_CONTROLS = "Subvert Trust Controls" + SUPPLY_CHAIN_COMPROMISE = "Supply Chain Compromise" + SYSTEM_INFORMATION_DISCOVERY = "System Information Discovery" + TAINT_SHARED_CONTENT = "Taint Shared Content" + TRAFFIC_SIGNALING = "Traffic Signaling" + TRANSFER_DATA_TO_CLOUD_ACCOUNT = "Transfer Data to Cloud Account" + TRUSTED_RELATIONSHIP = "Trusted Relationship" + UNSECURED_CREDENTIALS = "Unsecured Credentials" + USER_EXECUTION = "User Execution" + VALID_ACCOUNTS = "Valid Accounts" + WINDOWS_MANAGEMENT_INSTRUMENTATION = "Windows Management Instrumentation" + FILE_AND_DIRECTORY_PERMISSIONS_MODIFICATION = "File and Directory Permissions Modification" + class Threats(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """Threats impact of the assessment """ @@ -819,6 +994,14 @@ class UserImpact(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): MODERATE = "Moderate" HIGH = "High" +class UserImpactEnum(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): + """The user impact to relate to the assessments generated by this assessment automation. + """ + + HIGH = "High" + MODERATE = "Moderate" + LOW = "Low" + class ValueType(with_metaclass(_CaseInsensitiveEnumMeta, str, Enum)): """The value type of the items in the list. """ diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py index 65df4fa5ef35..e0a22181ca00 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/__init__.py @@ -6,6 +6,9 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- +from ._mde_onboardings_operations import MdeOnboardingsOperations +from ._custom_assessment_automations_operations import CustomAssessmentAutomationsOperations +from ._custom_entity_store_assignments_operations import CustomEntityStoreAssignmentsOperations from ._compliance_results_operations import ComplianceResultsOperations from ._pricings_operations import PricingsOperations from ._advanced_threat_protection_operations import AdvancedThreatProtectionOperations @@ -51,8 +54,12 @@ from ._settings_operations import SettingsOperations from ._ingestion_settings_operations import IngestionSettingsOperations from ._software_inventories_operations import SoftwareInventoriesOperations +from ._security_connectors_operations import SecurityConnectorsOperations __all__ = [ + 'MdeOnboardingsOperations', + 'CustomAssessmentAutomationsOperations', + 'CustomEntityStoreAssignmentsOperations', 'ComplianceResultsOperations', 'PricingsOperations', 'AdvancedThreatProtectionOperations', @@ -98,4 +105,5 @@ 'SettingsOperations', 'IngestionSettingsOperations', 'SoftwareInventoriesOperations', + 'SecurityConnectorsOperations', ] diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_metadata_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_metadata_operations.py index df24fe791662..5275fc883a14 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_metadata_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_metadata_operations.py @@ -49,20 +49,20 @@ def list( self, **kwargs # type: Any ): - # type: (...) -> Iterable["_models.SecurityAssessmentMetadataList"] + # type: (...) -> Iterable["_models.SecurityAssessmentMetadataResponseList"] """Get metadata information on all assessment types. :keyword callable cls: A custom type or function that will be passed the direct response - :return: An iterator like instance of either SecurityAssessmentMetadataList or the result of cls(response) - :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataList] + :return: An iterator like instance of either SecurityAssessmentMetadataResponseList or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataResponseList] :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataList"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponseList"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -85,7 +85,7 @@ def prepare_request(next_link=None): return request def extract_data(pipeline_response): - deserialized = self._deserialize('SecurityAssessmentMetadataList', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponseList', pipeline_response) list_of_elem = deserialized.value if cls: list_of_elem = cls(list_of_elem) @@ -113,22 +113,22 @@ def get( assessment_metadata_name, # type: str **kwargs # type: Any ): - # type: (...) -> "_models.SecurityAssessmentMetadata" + # type: (...) -> "_models.SecurityAssessmentMetadataResponse" """Get metadata information on an assessment type. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -154,7 +154,7 @@ def get( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -166,20 +166,20 @@ def list_by_subscription( self, **kwargs # type: Any ): - # type: (...) -> Iterable["_models.SecurityAssessmentMetadataList"] + # type: (...) -> Iterable["_models.SecurityAssessmentMetadataResponseList"] """Get metadata information on all assessment types in a specific subscription. :keyword callable cls: A custom type or function that will be passed the direct response - :return: An iterator like instance of either SecurityAssessmentMetadataList or the result of cls(response) - :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataList] + :return: An iterator like instance of either SecurityAssessmentMetadataResponseList or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityAssessmentMetadataResponseList] :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataList"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponseList"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -206,7 +206,7 @@ def prepare_request(next_link=None): return request def extract_data(pipeline_response): - deserialized = self._deserialize('SecurityAssessmentMetadataList', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponseList', pipeline_response) list_of_elem = deserialized.value if cls: list_of_elem = cls(list_of_elem) @@ -234,22 +234,22 @@ def get_in_subscription( assessment_metadata_name, # type: str **kwargs # type: Any ): - # type: (...) -> "_models.SecurityAssessmentMetadata" + # type: (...) -> "_models.SecurityAssessmentMetadataResponse" """Get metadata information on an assessment type in a specific subscription. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -276,7 +276,7 @@ def get_in_subscription( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -287,27 +287,27 @@ def get_in_subscription( def create_in_subscription( self, assessment_metadata_name, # type: str - assessment_metadata, # type: "_models.SecurityAssessmentMetadata" + assessment_metadata, # type: "_models.SecurityAssessmentMetadataResponse" **kwargs # type: Any ): - # type: (...) -> "_models.SecurityAssessmentMetadata" + # type: (...) -> "_models.SecurityAssessmentMetadataResponse" """Create metadata information on an assessment type in a specific subscription. :param assessment_metadata_name: The Assessment Key - Unique key for the assessment type. :type assessment_metadata_name: str :param assessment_metadata: AssessmentMetadata object. - :type assessment_metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :type assessment_metadata: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessmentMetadata, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadata + :return: SecurityAssessmentMetadataResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentMetadataResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadata"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentMetadataResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" content_type = kwargs.pop("content_type", "application/json") accept = "application/json" @@ -329,7 +329,7 @@ def create_in_subscription( header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') body_content_kwargs = {} # type: Dict[str, Any] - body_content = self._serialize.body(assessment_metadata, 'SecurityAssessmentMetadata') + body_content = self._serialize.body(assessment_metadata, 'SecurityAssessmentMetadataResponse') body_content_kwargs['content'] = body_content request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) @@ -339,7 +339,7 @@ def create_in_subscription( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessmentMetadata', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentMetadataResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -368,7 +368,7 @@ def delete_in_subscription( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py index 0b7b28c2f6a3..52997d7f4836 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_assessments_operations.py @@ -67,7 +67,7 @@ def list( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" def prepare_request(next_link=None): @@ -124,7 +124,7 @@ def get( expand=None, # type: Optional[Union[str, "_models.ExpandEnum"]] **kwargs # type: Any ): - # type: (...) -> "_models.SecurityAssessment" + # type: (...) -> "_models.SecurityAssessmentResponse" """Get a security assessment on your scanned resource. :param resource_id: The identifier of the resource. @@ -134,16 +134,16 @@ def get( :param expand: OData expand. Optional. :type expand: str or ~azure.mgmt.security.models.ExpandEnum :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessment, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessment + :return: SecurityAssessmentResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessment"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL @@ -172,7 +172,7 @@ def get( map_error(status_code=response.status_code, response=response, error_map=error_map) raise HttpResponseError(response=response, error_format=ARMErrorFormat) - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -187,7 +187,7 @@ def create_or_update( assessment, # type: "_models.SecurityAssessment" **kwargs # type: Any ): - # type: (...) -> "_models.SecurityAssessment" + # type: (...) -> "_models.SecurityAssessmentResponse" """Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result. @@ -198,16 +198,16 @@ def create_or_update( :param assessment: Calculated assessment on a pre-defined assessment metadata. :type assessment: ~azure.mgmt.security.models.SecurityAssessment :keyword callable cls: A custom type or function that will be passed the direct response - :return: SecurityAssessment, or the result of cls(response) - :rtype: ~azure.mgmt.security.models.SecurityAssessment + :return: SecurityAssessmentResponse, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityAssessmentResponse :raises: ~azure.core.exceptions.HttpResponseError """ - cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessment"] + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityAssessmentResponse"] error_map = { 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" content_type = kwargs.pop("content_type", "application/json") accept = "application/json" @@ -240,10 +240,10 @@ def create_or_update( raise HttpResponseError(response=response, error_format=ARMErrorFormat) if response.status_code == 200: - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if response.status_code == 201: - deserialized = self._deserialize('SecurityAssessment', pipeline_response) + deserialized = self._deserialize('SecurityAssessmentResponse', pipeline_response) if cls: return cls(pipeline_response, deserialized, {}) @@ -275,7 +275,7 @@ def delete( 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError } error_map.update(kwargs.pop('error_map', {})) - api_version = "2020-01-01" + api_version = "2021-06-01" accept = "application/json" # Construct URL diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_assessment_automations_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_assessment_automations_operations.py new file mode 100644 index 000000000000..cc64d3499ba9 --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_assessment_automations_operations.py @@ -0,0 +1,386 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, Iterable, Optional, TypeVar, Union + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class CustomAssessmentAutomationsOperations(object): + """CustomAssessmentAutomationsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def get( + self, + resource_group_name, # type: str + custom_assessment_automation_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.CustomAssessmentAutomation" + """Gets a custom assessment automation. + + Gets a single custom assessment automation by name for the provided subscription and resource + group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomAssessmentAutomation, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomAssessmentAutomation + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomation"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + def create( + self, + resource_group_name, # type: str + custom_assessment_automation_name, # type: str + custom_assessment_automation_body, # type: "_models.CustomAssessmentAutomationRequest" + **kwargs # type: Any + ): + # type: (...) -> "_models.CustomAssessmentAutomation" + """Creates a custom assessment automation. + + Creates or updates a custom assessment automation for the provided subscription. Please note + that providing an existing custom assessment automation will replace the existing record. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :param custom_assessment_automation_body: Custom Assessment Automation body. + :type custom_assessment_automation_body: ~azure.mgmt.security.models.CustomAssessmentAutomationRequest + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomAssessmentAutomation, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomAssessmentAutomation + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomation"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(custom_assessment_automation_body, 'CustomAssessmentAutomationRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('CustomAssessmentAutomation', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + def delete( + self, + resource_group_name, # type: str + custom_assessment_automation_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> None + """Deletes a custom assessment automation. + + Deletes a custom assessment automation by name for a provided subscription. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_assessment_automation_name: Name of the Custom Assessment Automation. + :type custom_assessment_automation_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customAssessmentAutomationName': self._serialize.url("custom_assessment_automation_name", custom_assessment_automation_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.CustomAssessmentAutomationsListResult"] + """List custom assessment automations in a subscription and a resource group. + + List custom assessment automations by provided subscription and resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomAssessmentAutomationsListResult or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.CustomAssessmentAutomationsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomationsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('CustomAssessmentAutomationsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations'} # type: ignore + + def list_by_subscription( + self, + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.CustomAssessmentAutomationsListResult"] + """List custom assessment automations in a subscription. + + List custom assessment automations by provided subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomAssessmentAutomationsListResult or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.CustomAssessmentAutomationsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomAssessmentAutomationsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_subscription.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('CustomAssessmentAutomationsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list_by_subscription.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/customAssessmentAutomations'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_entity_store_assignments_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_entity_store_assignments_operations.py new file mode 100644 index 000000000000..65889df2118e --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_custom_entity_store_assignments_operations.py @@ -0,0 +1,388 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, Iterable, Optional, TypeVar, Union + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class CustomEntityStoreAssignmentsOperations(object): + """CustomEntityStoreAssignmentsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def get( + self, + resource_group_name, # type: str + custom_entity_store_assignment_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.CustomEntityStoreAssignment" + """Gets a custom entity store assignment. + + Gets a single custom entity store assignment by name for the provided subscription and resource + group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomEntityStoreAssignment, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomEntityStoreAssignment + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignment"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + def create( + self, + resource_group_name, # type: str + custom_entity_store_assignment_name, # type: str + custom_entity_store_assignment_request_body, # type: "_models.CustomEntityStoreAssignmentRequest" + **kwargs # type: Any + ): + # type: (...) -> "_models.CustomEntityStoreAssignment" + """Creates a custom entity store assignment. + + Creates a custom entity store assignment for the provided subscription, if not already exists. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :param custom_entity_store_assignment_request_body: Custom entity store assignment body. + :type custom_entity_store_assignment_request_body: ~azure.mgmt.security.models.CustomEntityStoreAssignmentRequest + :keyword callable cls: A custom type or function that will be passed the direct response + :return: CustomEntityStoreAssignment, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.CustomEntityStoreAssignment + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignment"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(custom_entity_store_assignment_request_body, 'CustomEntityStoreAssignmentRequest') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('CustomEntityStoreAssignment', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + def delete( + self, + resource_group_name, # type: str + custom_entity_store_assignment_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> None + """Deleted a custom entity store assignment. + + Delete a custom entity store assignment by name for a provided subscription. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param custom_entity_store_assignment_name: Name of the custom entity store assignment. + Generated name is GUID. + :type custom_entity_store_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'customEntityStoreAssignmentName': self._serialize.url("custom_entity_store_assignment_name", custom_entity_store_assignment_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.CustomEntityStoreAssignmentsListResult"] + """List custom entity store assignments in a subscription and a resource group. + + List custom entity store assignments by a provided subscription and resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomEntityStoreAssignmentsListResult or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.CustomEntityStoreAssignmentsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignmentsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('CustomEntityStoreAssignmentsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments'} # type: ignore + + def list_by_subscription( + self, + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.CustomEntityStoreAssignmentsListResult"] + """List custom entity store assignments in a subscription. + + List custom entity store assignments by provided subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either CustomEntityStoreAssignmentsListResult or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.CustomEntityStoreAssignmentsListResult] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.CustomEntityStoreAssignmentsListResult"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_subscription.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('CustomEntityStoreAssignmentsListResult', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list_by_subscription.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/customEntityStoreAssignments'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_information_protection_policies_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_information_protection_policies_operations.py index 891af46bac01..0fe614a507ab 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_information_protection_policies_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_information_protection_policies_operations.py @@ -48,7 +48,7 @@ def __init__(self, client, config, serializer, deserializer): def get( self, scope, # type: str - information_protection_policy_name, # type: Union[str, "_models.Enum15"] + information_protection_policy_name, # type: Union[str, "_models.Enum19"] **kwargs # type: Any ): # type: (...) -> "_models.InformationProtectionPolicy" @@ -59,7 +59,7 @@ def get( (/providers/Microsoft.Management/managementGroups/mgName). :type scope: str :param information_protection_policy_name: Name of the information protection policy. - :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum15 + :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum19 :keyword callable cls: A custom type or function that will be passed the direct response :return: InformationProtectionPolicy, or the result of cls(response) :rtype: ~azure.mgmt.security.models.InformationProtectionPolicy @@ -108,7 +108,7 @@ def get( def create_or_update( self, scope, # type: str - information_protection_policy_name, # type: Union[str, "_models.Enum15"] + information_protection_policy_name, # type: Union[str, "_models.Enum19"] information_protection_policy, # type: "_models.InformationProtectionPolicy" **kwargs # type: Any ): @@ -120,7 +120,7 @@ def create_or_update( (/providers/Microsoft.Management/managementGroups/mgName). :type scope: str :param information_protection_policy_name: Name of the information protection policy. - :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum15 + :type information_protection_policy_name: str or ~azure.mgmt.security.models.Enum19 :param information_protection_policy: Information protection policy. :type information_protection_policy: ~azure.mgmt.security.models.InformationProtectionPolicy :keyword callable cls: A custom type or function that will be passed the direct response diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_mde_onboardings_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_mde_onboardings_operations.py new file mode 100644 index 000000000000..64399695cbac --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_mde_onboardings_operations.py @@ -0,0 +1,147 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, Optional, TypeVar + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class MdeOnboardingsOperations(object): + """MdeOnboardingsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def list( + self, + **kwargs # type: Any + ): + # type: (...) -> "_models.MdeOnboardingDataList" + """The configuration or data needed to onboard the machine to MDE. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: MdeOnboardingDataList, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.MdeOnboardingDataList + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.MdeOnboardingDataList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-10-01-preview" + accept = "application/json" + + # Construct URL + url = self.list.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('MdeOnboardingDataList', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings'} # type: ignore + + def get( + self, + **kwargs # type: Any + ): + # type: (...) -> "_models.MdeOnboardingData" + """The default configuration or data needed to onboard the machine to MDE. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: MdeOnboardingData, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.MdeOnboardingData + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.MdeOnboardingData"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-10-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('MdeOnboardingData', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings/default'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_security_connectors_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_security_connectors_operations.py new file mode 100644 index 000000000000..e48f2ac7fe97 --- /dev/null +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_security_connectors_operations.py @@ -0,0 +1,445 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import TYPE_CHECKING +import warnings + +from azure.core.exceptions import ClientAuthenticationError, HttpResponseError, ResourceExistsError, ResourceNotFoundError, map_error +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpRequest, HttpResponse +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models + +if TYPE_CHECKING: + # pylint: disable=unused-import,ungrouped-imports + from typing import Any, Callable, Dict, Generic, Iterable, Optional, TypeVar, Union + + T = TypeVar('T') + ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +class SecurityConnectorsOperations(object): + """SecurityConnectorsOperations operations. + + You should not instantiate this class directly. Instead, you should create a Client instance that + instantiates it for you and attaches it as an attribute. + + :ivar models: Alias to model classes used in this operation group. + :type models: ~azure.mgmt.security.models + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + """ + + models = _models + + def __init__(self, client, config, serializer, deserializer): + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self._config = config + + def list( + self, + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.SecurityConnectorsList"] + """Lists all the security connectors in the specified subscription. Use the 'nextLink' property in + the response to get the next page of security connectors for the specified subscription. + + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either SecurityConnectorsList or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityConnectorsList] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnectorsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('SecurityConnectorsList', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list.metadata = {'url': '/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors'} # type: ignore + + def list_by_resource_group( + self, + resource_group_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> Iterable["_models.SecurityConnectorsList"] + """Lists all the security connectors in the specified resource group. Use the 'nextLink' property + in the response to get the next page of security connectors for the specified resource group. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either SecurityConnectorsList or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.security.models.SecurityConnectorsList] + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnectorsList"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + def prepare_request(next_link=None): + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + if not next_link: + # Construct URL + url = self.list_by_resource_group.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + } + url = self._client.format_url(url, **path_format_arguments) + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + else: + url = next_link + query_parameters = {} # type: Dict[str, Any] + request = self._client.get(url, query_parameters, header_parameters) + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize('SecurityConnectorsList', pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged( + get_next, extract_data + ) + list_by_resource_group.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors'} # type: ignore + + def get( + self, + resource_group_name, # type: str + security_connector_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> "_models.SecurityConnector" + """Retrieves details of a specific security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.get.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.get(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + def create_or_update( + self, + resource_group_name, # type: str + security_connector_name, # type: str + security_connector, # type: "_models.SecurityConnector" + **kwargs # type: Any + ): + # type: (...) -> "_models.SecurityConnector" + """Creates or updates a security connector. If a security connector is already created and a + subsequent request is issued for the same security connector id, then it will be updated. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :param security_connector: The security connector resource. + :type security_connector: ~azure.mgmt.security.models.SecurityConnector + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.create_or_update.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(security_connector, 'SecurityConnector') + body_content_kwargs['content'] = body_content + request = self._client.put(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + def update( + self, + resource_group_name, # type: str + security_connector_name, # type: str + security_connector, # type: "_models.SecurityConnector" + **kwargs # type: Any + ): + # type: (...) -> "_models.SecurityConnector" + """Updates a security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :param security_connector: The security connector resource. + :type security_connector: ~azure.mgmt.security.models.SecurityConnector + :keyword callable cls: A custom type or function that will be passed the direct response + :return: SecurityConnector, or the result of cls(response) + :rtype: ~azure.mgmt.security.models.SecurityConnector + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType["_models.SecurityConnector"] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + content_type = kwargs.pop("content_type", "application/json") + accept = "application/json" + + # Construct URL + url = self.update.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Content-Type'] = self._serialize.header("content_type", content_type, 'str') + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + body_content_kwargs = {} # type: Dict[str, Any] + body_content = self._serialize.body(security_connector, 'SecurityConnector') + body_content_kwargs['content'] = body_content + request = self._client.patch(url, query_parameters, header_parameters, **body_content_kwargs) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize('SecurityConnector', pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore + + def delete( + self, + resource_group_name, # type: str + security_connector_name, # type: str + **kwargs # type: Any + ): + # type: (...) -> None + """Deletes a security connector. + + :param resource_group_name: The name of the resource group within the user's subscription. The + name is case insensitive. + :type resource_group_name: str + :param security_connector_name: The security connector name. + :type security_connector_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None, or the result of cls(response) + :rtype: None + :raises: ~azure.core.exceptions.HttpResponseError + """ + cls = kwargs.pop('cls', None) # type: ClsType[None] + error_map = { + 401: ClientAuthenticationError, 404: ResourceNotFoundError, 409: ResourceExistsError + } + error_map.update(kwargs.pop('error_map', {})) + api_version = "2021-07-01-preview" + accept = "application/json" + + # Construct URL + url = self.delete.metadata['url'] # type: ignore + path_format_arguments = { + 'subscriptionId': self._serialize.url("self._config.subscription_id", self._config.subscription_id, 'str', pattern=r'^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$'), + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str', max_length=90, min_length=1, pattern=r'^[-\w\._\(\)]+$'), + 'securityConnectorName': self._serialize.url("security_connector_name", security_connector_name, 'str'), + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} # type: Dict[str, Any] + query_parameters['api-version'] = self._serialize.query("api_version", api_version, 'str') + + # Construct headers + header_parameters = {} # type: Dict[str, Any] + header_parameters['Accept'] = self._serialize.header("accept", accept, 'str') + + request = self._client.delete(url, query_parameters, header_parameters) + pipeline_response = self._client._pipeline.run(request, stream=False, **kwargs) + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}'} # type: ignore diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_settings_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_settings_operations.py index 6d8ccf6bd044..a23bdcac7ec0 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_settings_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_settings_operations.py @@ -114,14 +114,14 @@ def get_next(next_link=None): def get( self, - setting_name, # type: Union[str, "_models.Enum69"] + setting_name, # type: Union[str, "_models.Enum75"] **kwargs # type: Any ): # type: (...) -> "_models.Setting" """Settings of different configurations in security center. :param setting_name: The name of the setting. - :type setting_name: str or ~azure.mgmt.security.models.Enum69 + :type setting_name: str or ~azure.mgmt.security.models.Enum75 :keyword callable cls: A custom type or function that will be passed the direct response :return: Setting, or the result of cls(response) :rtype: ~azure.mgmt.security.models.Setting @@ -169,7 +169,7 @@ def get( def update( self, - setting_name, # type: Union[str, "_models.Enum69"] + setting_name, # type: Union[str, "_models.Enum75"] setting, # type: "_models.Setting" **kwargs # type: Any ): @@ -177,7 +177,7 @@ def update( """updating settings about different configurations in security center. :param setting_name: The name of the setting. - :type setting_name: str or ~azure.mgmt.security.models.Enum69 + :type setting_name: str or ~azure.mgmt.security.models.Enum75 :param setting: Setting object. :type setting: ~azure.mgmt.security.models.Setting :keyword callable cls: A custom type or function that will be passed the direct response diff --git a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_tasks_operations.py b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_tasks_operations.py index 387baf6aafbd..96ad0bfa1899 100644 --- a/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_tasks_operations.py +++ b/sdk/security/azure-mgmt-security/azure/mgmt/security/operations/_tasks_operations.py @@ -249,7 +249,7 @@ def get_subscription_level_task( def update_subscription_level_task_state( self, task_name, # type: str - task_update_action_type, # type: Union[str, "_models.Enum13"] + task_update_action_type, # type: Union[str, "_models.Enum17"] **kwargs # type: Any ): # type: (...) -> None @@ -258,7 +258,7 @@ def update_subscription_level_task_state( :param task_name: Name of the task object, will be a GUID. :type task_name: str :param task_update_action_type: Type of the action to do on the task. - :type task_update_action_type: str or ~azure.mgmt.security.models.Enum13 + :type task_update_action_type: str or ~azure.mgmt.security.models.Enum17 :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None @@ -446,7 +446,7 @@ def update_resource_group_level_task_state( self, resource_group_name, # type: str task_name, # type: str - task_update_action_type, # type: Union[str, "_models.Enum13"] + task_update_action_type, # type: Union[str, "_models.Enum17"] **kwargs # type: Any ): # type: (...) -> None @@ -458,7 +458,7 @@ def update_resource_group_level_task_state( :param task_name: Name of the task object, will be a GUID. :type task_name: str :param task_update_action_type: Type of the action to do on the task. - :type task_update_action_type: str or ~azure.mgmt.security.models.Enum13 + :type task_update_action_type: str or ~azure.mgmt.security.models.Enum17 :keyword callable cls: A custom type or function that will be passed the direct response :return: None, or the result of cls(response) :rtype: None