diff --git a/sdk/security/arm-security/CHANGELOG.md b/sdk/security/arm-security/CHANGELOG.md index 57cda3d881dd..0ccdc9ffbdf9 100644 --- a/sdk/security/arm-security/CHANGELOG.md +++ b/sdk/security/arm-security/CHANGELOG.md @@ -1,16 +1,6 @@ # Release History - -## 6.0.0-beta.2 (Unreleased) - -### Features Added - -### Breaking Changes - -### Bugs Fixed - -### Other Changes - -## 6.0.0-beta.1 (2022-09-14) + +## 6.0.0-beta.2 (2022-11-03) **Features** @@ -66,7 +56,7 @@ - Added Interface AutoProvisioningSetting - Added Interface AwAssumeRoleAuthenticationDetailsProperties - Added Interface AwsCredsAuthenticationDetailsProperties - - Added Interface AWSEnvironmentData + - Added Interface AwsEnvironmentData - Added Interface AwsOrganizationalData - Added Interface AwsOrganizationalDataMaster - Added Interface AwsOrganizationalDataMember @@ -91,9 +81,13 @@ - Added Interface CustomAssessmentAutomationRequest - Added Interface CustomEntityStoreAssignment - Added Interface DataExportSettings + - Added Interface DefenderCspmAwsOffering + - Added Interface DefenderCspmAwsOfferingVmScanners + - Added Interface DefenderCspmAwsOfferingVmScannersConfiguration + - Added Interface DefenderCspmGcpOffering - Added Interface DefenderFoDatabasesAwsOffering - Added Interface DefenderFoDatabasesAwsOfferingArcAutoProvisioning - - Added Interface DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata + - Added Interface DefenderFoDatabasesAwsOfferingRds - Added Interface DefenderForContainersAwsOffering - Added Interface DefenderForContainersAwsOfferingContainerVulnerabilityAssessment - Added Interface DefenderForContainersAwsOfferingContainerVulnerabilityAssessmentTask @@ -102,8 +96,9 @@ - Added Interface DefenderForContainersGcpOfferingNativeCloudConnection - Added Interface DefenderForDatabasesGcpOffering - Added Interface DefenderForDatabasesGcpOfferingArcAutoProvisioning - - Added Interface DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration - Added Interface DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning + - Added Interface DefenderForDevOpsAzureDevOpsOffering + - Added Interface DefenderForDevOpsGithubOffering - Added Interface DefenderForServersAwsOffering - Added Interface DefenderForServersAwsOfferingMdeAutoProvisioning - Added Interface DefenderForServersAwsOfferingSubPlan @@ -113,7 +108,6 @@ - Added Interface DefenderForServersAwsOfferingVmScannersConfiguration - Added Interface DefenderForServersGcpOffering - Added Interface DefenderForServersGcpOfferingArcAutoProvisioning - - Added Interface DefenderForServersGcpOfferingArcAutoProvisioningConfiguration - Added Interface DefenderForServersGcpOfferingDefenderForServers - Added Interface DefenderForServersGcpOfferingMdeAutoProvisioning - Added Interface DefenderForServersGcpOfferingSubPlan @@ -240,6 +234,7 @@ - Added Type Alias ApplicationsListResponse - Added Type Alias ApplicationSourceResourceType - Added Type Alias AwsOrganizationalDataUnion + - Added Type Alias ConnectionType - Added Type Alias EnvironmentDataUnion - Added Type Alias EnvironmentType - Added Type Alias GcpOrganizationalDataUnion @@ -305,9 +300,13 @@ - Enum KnownOfferingType has a new value CspmMonitorAzureDevOps - Enum KnownOfferingType has a new value CspmMonitorGcp - Enum KnownOfferingType has a new value CspmMonitorGithub + - Enum KnownOfferingType has a new value DefenderCspmAws + - Enum KnownOfferingType has a new value DefenderCspmGcp - Enum KnownOfferingType has a new value DefenderForContainersGcp - Enum KnownOfferingType has a new value DefenderForDatabasesAws - Enum KnownOfferingType has a new value DefenderForDatabasesGcp + - Enum KnownOfferingType has a new value DefenderForDevOpsAzureDevOps + - Enum KnownOfferingType has a new value DefenderForDevOpsGithub - Enum KnownOfferingType has a new value DefenderForServersGcp - Enum KnownSettingName has a new value WdatpUnifiedSolution @@ -315,6 +314,8 @@ - Removed operation Alerts.simulate - Removed operation SecurityContacts.update + - Operation AllowedConnections.get has a new signature + - Interface DefenderForServersAwsOfferingArcAutoProvisioning no longer has parameter servicePrincipalSecretMetadata - Removed Enum KnownAlertNotifications - Removed Enum KnownAlertsToAdmins diff --git a/sdk/security/arm-security/README.md b/sdk/security/arm-security/README.md index bca29e8e2d37..c7e9e7c191b4 100644 --- a/sdk/security/arm-security/README.md +++ b/sdk/security/arm-security/README.md @@ -1,6 +1,6 @@ -# Azure Service client library for JavaScript +# Azure SecurityCenter client library for JavaScript -This package contains an isomorphic SDK (runs both in Node.js and in browsers) for Azure Service client. +This package contains an isomorphic SDK (runs both in Node.js and in browsers) for Azure SecurityCenter client. API spec for Microsoft.Security (Azure Security Center) resource provider @@ -24,7 +24,7 @@ See our [support policy](https://github.com/Azure/azure-sdk-for-js/blob/main/SUP ### Install the `@azure/arm-security` package -Install the Azure Service client library for JavaScript with `npm`: +Install the Azure SecurityCenter client library for JavaScript with `npm`: ```bash npm install @azure/arm-security @@ -32,8 +32,8 @@ npm install @azure/arm-security ### Create and authenticate a `SecurityCenter` -To create a client object to access the Azure Service API, you will need the `endpoint` of your Azure Service resource and a `credential`. The Azure Service client can use Azure Active Directory credentials to authenticate. -You can find the endpoint for your Azure Service resource in the [Azure Portal][azure_portal]. +To create a client object to access the Azure SecurityCenter API, you will need the `endpoint` of your Azure SecurityCenter resource and a `credential`. The Azure SecurityCenter client can use Azure Active Directory credentials to authenticate. +You can find the endpoint for your Azure SecurityCenter resource in the [Azure Portal][azure_portal]. You can authenticate with Azure Active Directory using a credential from the [@azure/identity][azure_identity] library or [an existing AAD Token](https://github.com/Azure/azure-sdk-for-js/blob/master/sdk/identity/identity/samples/AzureIdentityExamples.md#authenticating-with-a-pre-fetched-access-token). @@ -43,7 +43,7 @@ To use the [DefaultAzureCredential][defaultazurecredential] provider shown below npm install @azure/identity ``` -You will also need to **register a new AAD application and grant access to Azure Service** by assigning the suitable role to your service principal (note: roles such as `"Owner"` will not grant the necessary permissions). +You will also need to **register a new AAD application and grant access to Azure SecurityCenter** by assigning the suitable role to your service principal (note: roles such as `"Owner"` will not grant the necessary permissions). Set the values of the client ID, tenant ID, and client secret of the AAD application as environment variables: `AZURE_CLIENT_ID`, `AZURE_TENANT_ID`, `AZURE_CLIENT_SECRET`. For more information about how to create an Azure AD Application check out [this guide](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal). @@ -72,7 +72,7 @@ To use this client library in the browser, first you need to use a bundler. For ### SecurityCenter -`SecurityCenter` is the primary interface for developers using the Azure Service client library. Explore the methods on this client object to understand the different features of the Azure Service service that you can access. +`SecurityCenter` is the primary interface for developers using the Azure SecurityCenter client library. Explore the methods on this client object to understand the different features of the Azure SecurityCenter service that you can access. ## Troubleshooting diff --git a/sdk/security/arm-security/_meta.json b/sdk/security/arm-security/_meta.json index 128c276cb60e..f4e4a369e21e 100644 --- a/sdk/security/arm-security/_meta.json +++ b/sdk/security/arm-security/_meta.json @@ -1,8 +1,8 @@ { - "commit": "af1be2677e619e483210064ff658e62ec25053aa", + "commit": "f3204698625c0aa0b4c1ebf4cfa1a8bcc890a134", "readme": "specification/security/resource-manager/readme.md", - "autorest_command": "autorest --version=3.8.4 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=D:\\Git\\azure-sdk-for-js ..\\azure-rest-api-specs\\specification\\security\\resource-manager\\readme.md --use=@autorest/typescript@6.0.0-rc.1.20220727.1 --generate-sample=true", + "autorest_command": "autorest --version=3.8.4 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-js ../azure-rest-api-specs/specification/security/resource-manager/readme.md --use=@autorest/typescript@6.0.0-rc.2", "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "release_tool": "@azure-tools/js-sdk-release-tools@2.4.2", - "use": "@autorest/typescript@6.0.0-rc.1.20220727.1" + "release_tool": "@azure-tools/js-sdk-release-tools@2.5.0", + "use": "@autorest/typescript@6.0.0-rc.2" } \ No newline at end of file diff --git a/sdk/security/arm-security/package.json b/sdk/security/arm-security/package.json index f9c00e5b0838..0675bbcd6501 100644 --- a/sdk/security/arm-security/package.json +++ b/sdk/security/arm-security/package.json @@ -109,13 +109,5 @@ } ] }, - "autoPublish": true, - "//sampleConfiguration": { - "productName": "", - "productSlugs": [ - "azure" - ], - "disableDocsMs": true, - "apiRefLink": "https://docs.microsoft.com/javascript/api/@azure/arm-security?view=azure-node-preview" - } -} + "autoPublish": true +} \ No newline at end of file diff --git a/sdk/security/arm-security/review/arm-security.api.md b/sdk/security/arm-security/review/arm-security.api.md index d5a8bf0090ee..7fdeda3566f7 100644 --- a/sdk/security/arm-security/review/arm-security.api.md +++ b/sdk/security/arm-security/review/arm-security.api.md @@ -995,7 +995,7 @@ export interface AwsCredsAuthenticationDetailsProperties extends AuthenticationD } // @public -export interface AWSEnvironmentData extends EnvironmentData { +export interface AwsEnvironmentData extends EnvironmentData { environmentType: "AwsAccount"; organizationalData?: AwsOrganizationalDataUnion; } @@ -1113,11 +1113,11 @@ export type CloudName = string; // @public export interface CloudOffering { readonly description?: string; - offeringType: "CspmMonitorAws" | "DefenderForContainersAws" | "DefenderForServersAws" | "DefenderForDatabasesAws" | "InformationProtectionAws" | "CspmMonitorGcp" | "DefenderForServersGcp" | "DefenderForDatabasesGcp" | "DefenderForContainersGcp" | "CspmMonitorGithub" | "CspmMonitorAzureDevOps"; + offeringType: "CspmMonitorAws" | "DefenderForContainersAws" | "DefenderForServersAws" | "DefenderForDatabasesAws" | "InformationProtectionAws" | "CspmMonitorGcp" | "DefenderForServersGcp" | "DefenderForDatabasesGcp" | "DefenderForContainersGcp" | "CspmMonitorGithub" | "CspmMonitorAzureDevOps" | "DefenderCspmAws" | "DefenderCspmGcp" | "DefenderForDevOpsGithub" | "DefenderForDevOpsAzureDevOps"; } // @public (undocumented) -export type CloudOfferingUnion = CloudOffering | CspmMonitorAwsOffering | DefenderForContainersAwsOffering | DefenderForServersAwsOffering | DefenderFoDatabasesAwsOffering | InformationProtectionAwsOffering | CspmMonitorGcpOffering | DefenderForServersGcpOffering | DefenderForDatabasesGcpOffering | DefenderForContainersGcpOffering | CspmMonitorGithubOffering | CspmMonitorAzureDevOpsOffering; +export type CloudOfferingUnion = CloudOffering | CspmMonitorAwsOffering | DefenderForContainersAwsOffering | DefenderForServersAwsOffering | DefenderFoDatabasesAwsOffering | InformationProtectionAwsOffering | CspmMonitorGcpOffering | DefenderForServersGcpOffering | DefenderForDatabasesGcpOffering | DefenderForContainersGcpOffering | CspmMonitorGithubOffering | CspmMonitorAzureDevOpsOffering | DefenderCspmAwsOffering | DefenderCspmGcpOffering | DefenderForDevOpsGithubOffering | DefenderForDevOpsAzureDevOpsOffering; // @public export interface Compliance extends Resource { @@ -1543,24 +1543,49 @@ export interface DataExportSettings extends Setting { // @public export type DataSource = string; +// @public +export interface DefenderCspmAwsOffering extends CloudOffering { + offeringType: "DefenderCspmAws"; + vmScanners?: DefenderCspmAwsOfferingVmScanners; +} + +// @public +export interface DefenderCspmAwsOfferingVmScanners { + configuration?: DefenderCspmAwsOfferingVmScannersConfiguration; + enabled?: boolean; +} + +// @public +export interface DefenderCspmAwsOfferingVmScannersConfiguration { + cloudRoleArn?: string; + exclusionTags?: { + [propertyName: string]: string; + }; + scanningMode?: ScanningMode; +} + +// @public +export interface DefenderCspmGcpOffering extends CloudOffering { + offeringType: "DefenderCspmGcp"; +} + // @public export interface DefenderFoDatabasesAwsOffering extends CloudOffering { arcAutoProvisioning?: DefenderFoDatabasesAwsOfferingArcAutoProvisioning; offeringType: "DefenderForDatabasesAws"; + rds?: DefenderFoDatabasesAwsOfferingRds; } // @public export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioning { cloudRoleArn?: string; enabled?: boolean; - servicePrincipalSecretMetadata?: DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata; } // @public -export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata { - expiryDate?: Date; - parameterNameInStore?: string; - parameterStoreRegion?: string; +export interface DefenderFoDatabasesAwsOfferingRds { + cloudRoleArn?: string; + enabled?: boolean; } // @public @@ -1639,22 +1664,25 @@ export interface DefenderForDatabasesGcpOffering extends CloudOffering { // @public export interface DefenderForDatabasesGcpOfferingArcAutoProvisioning { - configuration?: DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration; enabled?: boolean; } -// @public -export interface DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration { - agentOnboardingServiceAccountNumericId?: string; - clientId?: string; -} - // @public export interface DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning { serviceAccountEmailAddress?: string; workloadIdentityProviderId?: string; } +// @public +export interface DefenderForDevOpsAzureDevOpsOffering extends CloudOffering { + offeringType: "DefenderForDevOpsAzureDevOps"; +} + +// @public +export interface DefenderForDevOpsGithubOffering extends CloudOffering { + offeringType: "DefenderForDevOpsGithub"; +} + // @public export interface DefenderForServersAwsOffering extends CloudOffering { arcAutoProvisioning?: DefenderForServersAwsOfferingArcAutoProvisioning; @@ -1670,14 +1698,6 @@ export interface DefenderForServersAwsOffering extends CloudOffering { export interface DefenderForServersAwsOfferingArcAutoProvisioning { cloudRoleArn?: string; enabled?: boolean; - servicePrincipalSecretMetadata?: DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata; -} - -// @public -export interface DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata { - expiryDate?: string; - parameterNameInStore?: string; - parameterStoreRegion?: string; } // @public @@ -1716,7 +1736,9 @@ export interface DefenderForServersAwsOfferingVmScanners { // @public export interface DefenderForServersAwsOfferingVmScannersConfiguration { cloudRoleArn?: string; - exclusionTags?: Record; + exclusionTags?: { + [propertyName: string]: string; + }; scanningMode?: ScanningMode; } @@ -1732,16 +1754,9 @@ export interface DefenderForServersGcpOffering extends CloudOffering { // @public export interface DefenderForServersGcpOfferingArcAutoProvisioning { - configuration?: DefenderForServersGcpOfferingArcAutoProvisioningConfiguration; enabled?: boolean; } -// @public -export interface DefenderForServersGcpOfferingArcAutoProvisioningConfiguration { - agentOnboardingServiceAccountNumericId?: string; - clientId?: string; -} - // @public export interface DefenderForServersGcpOfferingDefenderForServers { serviceAccountEmailAddress?: string; @@ -1916,7 +1931,7 @@ export interface EnvironmentData { } // @public (undocumented) -export type EnvironmentDataUnion = EnvironmentData | AWSEnvironmentData | GcpProjectEnvironmentData | GithubScopeEnvironmentData | AzureDevOpsScopeEnvironmentData; +export type EnvironmentDataUnion = EnvironmentData | AwsEnvironmentData | GcpProjectEnvironmentData | GithubScopeEnvironmentData | AzureDevOpsScopeEnvironmentData; // @public export type EnvironmentType = string; @@ -2994,6 +3009,7 @@ export enum KnownAlertStatus { // @public export enum KnownApplicationConditionOperator { Contains = "Contains", + Equals = "Equals", In = "In" } @@ -3276,10 +3292,14 @@ export enum KnownOfferingType { CspmMonitorAzureDevOps = "CspmMonitorAzureDevOps", CspmMonitorGcp = "CspmMonitorGcp", CspmMonitorGithub = "CspmMonitorGithub", + DefenderCspmAws = "DefenderCspmAws", + DefenderCspmGcp = "DefenderCspmGcp", DefenderForContainersAws = "DefenderForContainersAws", DefenderForContainersGcp = "DefenderForContainersGcp", DefenderForDatabasesAws = "DefenderForDatabasesAws", DefenderForDatabasesGcp = "DefenderForDatabasesGcp", + DefenderForDevOpsAzureDevOps = "DefenderForDevOpsAzureDevOps", + DefenderForDevOpsGithub = "DefenderForDevOpsGithub", DefenderForServersAws = "DefenderForServersAws", DefenderForServersGcp = "DefenderForServersGcp", InformationProtectionAws = "InformationProtectionAws" diff --git a/sdk/security/arm-security/src/models/index.ts b/sdk/security/arm-security/src/models/index.ts index 3b0aa93b527e..aa306fb09722 100644 --- a/sdk/security/arm-security/src/models/index.ts +++ b/sdk/security/arm-security/src/models/index.ts @@ -50,10 +50,14 @@ export type CloudOfferingUnion = | DefenderForDatabasesGcpOffering | DefenderForContainersGcpOffering | CspmMonitorGithubOffering - | CspmMonitorAzureDevOpsOffering; + | CspmMonitorAzureDevOpsOffering + | DefenderCspmAwsOffering + | DefenderCspmGcpOffering + | DefenderForDevOpsGithubOffering + | DefenderForDevOpsAzureDevOpsOffering; export type EnvironmentDataUnion = | EnvironmentData - | AWSEnvironmentData + | AwsEnvironmentData | GcpProjectEnvironmentData | GithubScopeEnvironmentData | AzureDevOpsScopeEnvironmentData; @@ -1794,7 +1798,11 @@ export interface CloudOffering { | "DefenderForDatabasesGcp" | "DefenderForContainersGcp" | "CspmMonitorGithub" - | "CspmMonitorAzureDevOps"; + | "CspmMonitorAzureDevOps" + | "DefenderCspmAws" + | "DefenderCspmGcp" + | "DefenderForDevOpsGithub" + | "DefenderForDevOpsAzureDevOps"; /** * The offering description. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -2068,18 +2076,6 @@ export interface DefenderForServersAwsOfferingArcAutoProvisioning { enabled?: boolean; /** The cloud role ARN in AWS for this feature */ cloudRoleArn?: string; - /** Metadata of Service Principal secret for autoprovisioning */ - servicePrincipalSecretMetadata?: DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata; -} - -/** Metadata of Service Principal secret for autoprovisioning */ -export interface DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata { - /** expiration date of service principal secret */ - expiryDate?: string; - /** region of parameter store where secret is kept */ - parameterStoreRegion?: string; - /** name of secret resource in parameter store */ - parameterNameInStore?: string; } /** The Vulnerability Assessment autoprovisioning configuration */ @@ -2125,7 +2121,7 @@ export interface DefenderForServersAwsOfferingVmScannersConfiguration { /** The scanning mode for the vm scan. */ scanningMode?: ScanningMode; /** VM tags that indicates that VM should not be scanned */ - exclusionTags?: Record; + exclusionTags?: { [propertyName: string]: string }; } /** The ARC autoprovisioning configuration */ @@ -2134,18 +2130,14 @@ export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioning { enabled?: boolean; /** The cloud role ARN in AWS for this feature */ cloudRoleArn?: string; - /** Metadata of Service Principal secret for autoprovisioning */ - servicePrincipalSecretMetadata?: DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata; } -/** Metadata of Service Principal secret for autoprovisioning */ -export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata { - /** expiration date of service principal secret */ - expiryDate?: Date; - /** region of parameter store where secret is kept */ - parameterStoreRegion?: string; - /** name of secret resource in parameter store */ - parameterNameInStore?: string; +/** The RDS configuration */ +export interface DefenderFoDatabasesAwsOfferingRds { + /** Is RDS protection enabled */ + enabled?: boolean; + /** The cloud role ARN in AWS for this feature */ + cloudRoleArn?: string; } /** The native cloud connection configuration */ @@ -2174,16 +2166,6 @@ export interface DefenderForServersGcpOfferingDefenderForServers { export interface DefenderForServersGcpOfferingArcAutoProvisioning { /** Is arc auto provisioning enabled */ enabled?: boolean; - /** Configuration for ARC autoprovisioning */ - configuration?: DefenderForServersGcpOfferingArcAutoProvisioningConfiguration; -} - -/** Configuration for ARC autoprovisioning */ -export interface DefenderForServersGcpOfferingArcAutoProvisioningConfiguration { - /** The Azure service principal client id for agent onboarding */ - clientId?: string; - /** The agent onboarding service account numeric id */ - agentOnboardingServiceAccountNumericId?: string; } /** The Vulnerability Assessment autoprovisioning configuration */ @@ -2218,16 +2200,6 @@ export interface DefenderForServersGcpOfferingSubPlan { export interface DefenderForDatabasesGcpOfferingArcAutoProvisioning { /** Is arc auto provisioning enabled */ enabled?: boolean; - /** Configuration for ARC autoprovisioning */ - configuration?: DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration; -} - -/** Configuration for ARC autoprovisioning */ -export interface DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration { - /** The Azure service principal client id for agent onboarding */ - clientId?: string; - /** The agent onboarding service account numeric id */ - agentOnboardingServiceAccountNumericId?: string; } /** The native cloud connection configuration */ @@ -2254,6 +2226,24 @@ export interface DefenderForContainersGcpOfferingDataPipelineNativeCloudConnecti workloadIdentityProviderId?: string; } +/** The Microsoft Defender for Server VM scanning configuration */ +export interface DefenderCspmAwsOfferingVmScanners { + /** Is Microsoft Defender for Server VM scanning enabled */ + enabled?: boolean; + /** configuration for Microsoft Defender for Server VM scanning */ + configuration?: DefenderCspmAwsOfferingVmScannersConfiguration; +} + +/** configuration for Microsoft Defender for Server VM scanning */ +export interface DefenderCspmAwsOfferingVmScannersConfiguration { + /** The cloud role ARN in AWS for this feature */ + cloudRoleArn?: string; + /** The scanning mode for the vm scan. */ + scanningMode?: ScanningMode; + /** VM tags that indicates that VM should not be scanned */ + exclusionTags?: { [propertyName: string]: string }; +} + /** Governance rule's condition */ export interface Condition { /** The governance rule Condition's Property, e.g. Severity or AssessmentKey, see examples */ @@ -3832,6 +3822,8 @@ export interface DefenderFoDatabasesAwsOffering extends CloudOffering { offeringType: "DefenderForDatabasesAws"; /** The ARC autoprovisioning configuration */ arcAutoProvisioning?: DefenderFoDatabasesAwsOfferingArcAutoProvisioning; + /** The RDS configuration */ + rds?: DefenderFoDatabasesAwsOfferingRds; } /** The information protection for AWS offering */ @@ -3904,8 +3896,34 @@ export interface CspmMonitorAzureDevOpsOffering extends CloudOffering { offeringType: "CspmMonitorAzureDevOps"; } +/** The CSPM P1 for Aws offering */ +export interface DefenderCspmAwsOffering extends CloudOffering { + /** Polymorphic discriminator, which specifies the different types this object can be */ + offeringType: "DefenderCspmAws"; + /** The Microsoft Defender for Server VM scanning configuration */ + vmScanners?: DefenderCspmAwsOfferingVmScanners; +} + +/** The CSPM P1 for GCP offering */ +export interface DefenderCspmGcpOffering extends CloudOffering { + /** Polymorphic discriminator, which specifies the different types this object can be */ + offeringType: "DefenderCspmGcp"; +} + +/** The Defender for DevOps for Github offering */ +export interface DefenderForDevOpsGithubOffering extends CloudOffering { + /** Polymorphic discriminator, which specifies the different types this object can be */ + offeringType: "DefenderForDevOpsGithub"; +} + +/** The Defender for DevOps for Azure DevOps offering */ +export interface DefenderForDevOpsAzureDevOpsOffering extends CloudOffering { + /** Polymorphic discriminator, which specifies the different types this object can be */ + offeringType: "DefenderForDevOpsAzureDevOps"; +} + /** The aws connector environment data */ -export interface AWSEnvironmentData extends EnvironmentData { +export interface AwsEnvironmentData extends EnvironmentData { /** Polymorphic discriminator, which specifies the different types this object can be */ environmentType: "AwsAccount"; /** The AWS account's organizational data */ @@ -6406,7 +6424,15 @@ export enum KnownOfferingType { /** DefenderForContainersGcp */ DefenderForContainersGcp = "DefenderForContainersGcp", /** DefenderForDatabasesGcp */ - DefenderForDatabasesGcp = "DefenderForDatabasesGcp" + DefenderForDatabasesGcp = "DefenderForDatabasesGcp", + /** DefenderCspmAws */ + DefenderCspmAws = "DefenderCspmAws", + /** DefenderCspmGcp */ + DefenderCspmGcp = "DefenderCspmGcp", + /** DefenderForDevOpsGithub */ + DefenderForDevOpsGithub = "DefenderForDevOpsGithub", + /** DefenderForDevOpsAzureDevOps */ + DefenderForDevOpsAzureDevOps = "DefenderForDevOpsAzureDevOps" } /** @@ -6424,7 +6450,11 @@ export enum KnownOfferingType { * **CspmMonitorAzureDevOps** \ * **DefenderForServersGcp** \ * **DefenderForContainersGcp** \ - * **DefenderForDatabasesGcp** + * **DefenderForDatabasesGcp** \ + * **DefenderCspmAws** \ + * **DefenderCspmGcp** \ + * **DefenderForDevOpsGithub** \ + * **DefenderForDevOpsAzureDevOps** */ export type OfferingType = string; @@ -6669,6 +6699,8 @@ export type GovernanceRuleConditionOperator = string; export enum KnownApplicationConditionOperator { /** Checks that the string value of the data defined in Property contains the given value */ Contains = "Contains", + /** Checks that the string value of the data defined in Property equals the given value */ + Equals = "Equals", /** Checks that the string value of the data defined in Property equals any of the given values (exact fit) */ In = "In" } @@ -6679,6 +6711,7 @@ export enum KnownApplicationConditionOperator { * this enum contains the known values that the service supports. * ### Known values supported by the service * **Contains**: Checks that the string value of the data defined in Property contains the given value \ + * **Equals**: Checks that the string value of the data defined in Property equals the given value \ * **In**: Checks that the string value of the data defined in Property equals any of the given values (exact fit) */ export type ApplicationConditionOperator = string; diff --git a/sdk/security/arm-security/src/models/mappers.ts b/sdk/security/arm-security/src/models/mappers.ts index a95f3f2f349c..75aec6379647 100644 --- a/sdk/security/arm-security/src/models/mappers.ts +++ b/sdk/security/arm-security/src/models/mappers.ts @@ -5066,42 +5066,6 @@ export const DefenderForServersAwsOfferingArcAutoProvisioning: coreClient.Compos type: { name: "String" } - }, - servicePrincipalSecretMetadata: { - serializedName: "servicePrincipalSecretMetadata", - type: { - name: "Composite", - className: - "DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata" - } - } - } - } -}; - -export const DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: - "DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata", - modelProperties: { - expiryDate: { - serializedName: "expiryDate", - type: { - name: "String" - } - }, - parameterStoreRegion: { - serializedName: "parameterStoreRegion", - type: { - name: "String" - } - }, - parameterNameInStore: { - serializedName: "parameterNameInStore", - type: { - name: "String" - } } } } @@ -5225,7 +5189,7 @@ export const DefenderForServersAwsOfferingVmScannersConfiguration: coreClient.Co serializedName: "exclusionTags", type: { name: "Dictionary", - value: { type: { name: "any" } } + value: { type: { name: "String" } } } } } @@ -5248,39 +5212,24 @@ export const DefenderFoDatabasesAwsOfferingArcAutoProvisioning: coreClient.Compo type: { name: "String" } - }, - servicePrincipalSecretMetadata: { - serializedName: "servicePrincipalSecretMetadata", - type: { - name: "Composite", - className: - "DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata" - } } } } }; -export const DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata: coreClient.CompositeMapper = { +export const DefenderFoDatabasesAwsOfferingRds: coreClient.CompositeMapper = { type: { name: "Composite", - className: - "DefenderFoDatabasesAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata", + className: "DefenderFoDatabasesAwsOfferingRds", modelProperties: { - expiryDate: { - serializedName: "expiryDate", - type: { - name: "DateTime" - } - }, - parameterStoreRegion: { - serializedName: "parameterStoreRegion", + enabled: { + serializedName: "enabled", type: { - name: "String" + name: "Boolean" } }, - parameterNameInStore: { - serializedName: "parameterNameInStore", + cloudRoleArn: { + serializedName: "cloudRoleArn", type: { name: "String" } @@ -5356,35 +5305,6 @@ export const DefenderForServersGcpOfferingArcAutoProvisioning: coreClient.Compos type: { name: "Boolean" } - }, - configuration: { - serializedName: "configuration", - type: { - name: "Composite", - className: - "DefenderForServersGcpOfferingArcAutoProvisioningConfiguration" - } - } - } - } -}; - -export const DefenderForServersGcpOfferingArcAutoProvisioningConfiguration: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: "DefenderForServersGcpOfferingArcAutoProvisioningConfiguration", - modelProperties: { - clientId: { - serializedName: "clientId", - type: { - name: "String" - } - }, - agentOnboardingServiceAccountNumericId: { - serializedName: "agentOnboardingServiceAccountNumericId", - type: { - name: "String" - } } } } @@ -5475,33 +5395,25 @@ export const DefenderForDatabasesGcpOfferingArcAutoProvisioning: coreClient.Comp type: { name: "Boolean" } - }, - configuration: { - serializedName: "configuration", - type: { - name: "Composite", - className: - "DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration" - } } } } }; -export const DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration: coreClient.CompositeMapper = { +export const DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning: coreClient.CompositeMapper = { type: { name: "Composite", className: - "DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration", + "DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning", modelProperties: { - clientId: { - serializedName: "clientId", + serviceAccountEmailAddress: { + serializedName: "serviceAccountEmailAddress", type: { name: "String" } }, - agentOnboardingServiceAccountNumericId: { - serializedName: "agentOnboardingServiceAccountNumericId", + workloadIdentityProviderId: { + serializedName: "workloadIdentityProviderId", type: { name: "String" } @@ -5510,11 +5422,10 @@ export const DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration: co } }; -export const DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning: coreClient.CompositeMapper = { +export const DefenderForContainersGcpOfferingNativeCloudConnection: coreClient.CompositeMapper = { type: { name: "Composite", - className: - "DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvisioning", + className: "DefenderForContainersGcpOfferingNativeCloudConnection", modelProperties: { serviceAccountEmailAddress: { serializedName: "serviceAccountEmailAddress", @@ -5532,10 +5443,11 @@ export const DefenderForDatabasesGcpOfferingDefenderForDatabasesArcAutoProvision } }; -export const DefenderForContainersGcpOfferingNativeCloudConnection: coreClient.CompositeMapper = { +export const DefenderForContainersGcpOfferingDataPipelineNativeCloudConnection: coreClient.CompositeMapper = { type: { name: "Composite", - className: "DefenderForContainersGcpOfferingNativeCloudConnection", + className: + "DefenderForContainersGcpOfferingDataPipelineNativeCloudConnection", modelProperties: { serviceAccountEmailAddress: { serializedName: "serviceAccountEmailAddress", @@ -5553,23 +5465,51 @@ export const DefenderForContainersGcpOfferingNativeCloudConnection: coreClient.C } }; -export const DefenderForContainersGcpOfferingDataPipelineNativeCloudConnection: coreClient.CompositeMapper = { +export const DefenderCspmAwsOfferingVmScanners: coreClient.CompositeMapper = { type: { name: "Composite", - className: - "DefenderForContainersGcpOfferingDataPipelineNativeCloudConnection", + className: "DefenderCspmAwsOfferingVmScanners", modelProperties: { - serviceAccountEmailAddress: { - serializedName: "serviceAccountEmailAddress", + enabled: { + serializedName: "enabled", + type: { + name: "Boolean" + } + }, + configuration: { + serializedName: "configuration", + type: { + name: "Composite", + className: "DefenderCspmAwsOfferingVmScannersConfiguration" + } + } + } + } +}; + +export const DefenderCspmAwsOfferingVmScannersConfiguration: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "DefenderCspmAwsOfferingVmScannersConfiguration", + modelProperties: { + cloudRoleArn: { + serializedName: "cloudRoleArn", type: { name: "String" } }, - workloadIdentityProviderId: { - serializedName: "workloadIdentityProviderId", + scanningMode: { + serializedName: "scanningMode", type: { name: "String" } + }, + exclusionTags: { + serializedName: "exclusionTags", + type: { + name: "Dictionary", + value: { type: { name: "String" } } + } } } } @@ -9287,6 +9227,13 @@ export const DefenderFoDatabasesAwsOffering: coreClient.CompositeMapper = { name: "Composite", className: "DefenderFoDatabasesAwsOfferingArcAutoProvisioning" } + }, + rds: { + serializedName: "rds", + type: { + name: "Composite", + className: "DefenderFoDatabasesAwsOfferingRds" + } } } } @@ -9480,11 +9427,70 @@ export const CspmMonitorAzureDevOpsOffering: coreClient.CompositeMapper = { } }; -export const AWSEnvironmentData: coreClient.CompositeMapper = { +export const DefenderCspmAwsOffering: coreClient.CompositeMapper = { + serializedName: "DefenderCspmAws", + type: { + name: "Composite", + className: "DefenderCspmAwsOffering", + uberParent: "CloudOffering", + polymorphicDiscriminator: CloudOffering.type.polymorphicDiscriminator, + modelProperties: { + ...CloudOffering.type.modelProperties, + vmScanners: { + serializedName: "vmScanners", + type: { + name: "Composite", + className: "DefenderCspmAwsOfferingVmScanners" + } + } + } + } +}; + +export const DefenderCspmGcpOffering: coreClient.CompositeMapper = { + serializedName: "DefenderCspmGcp", + type: { + name: "Composite", + className: "DefenderCspmGcpOffering", + uberParent: "CloudOffering", + polymorphicDiscriminator: CloudOffering.type.polymorphicDiscriminator, + modelProperties: { + ...CloudOffering.type.modelProperties + } + } +}; + +export const DefenderForDevOpsGithubOffering: coreClient.CompositeMapper = { + serializedName: "DefenderForDevOpsGithub", + type: { + name: "Composite", + className: "DefenderForDevOpsGithubOffering", + uberParent: "CloudOffering", + polymorphicDiscriminator: CloudOffering.type.polymorphicDiscriminator, + modelProperties: { + ...CloudOffering.type.modelProperties + } + } +}; + +export const DefenderForDevOpsAzureDevOpsOffering: coreClient.CompositeMapper = { + serializedName: "DefenderForDevOpsAzureDevOps", + type: { + name: "Composite", + className: "DefenderForDevOpsAzureDevOpsOffering", + uberParent: "CloudOffering", + polymorphicDiscriminator: CloudOffering.type.polymorphicDiscriminator, + modelProperties: { + ...CloudOffering.type.modelProperties + } + } +}; + +export const AwsEnvironmentData: coreClient.CompositeMapper = { serializedName: "AwsAccount", type: { name: "Composite", - className: "AWSEnvironmentData", + className: "AwsEnvironmentData", uberParent: "EnvironmentData", polymorphicDiscriminator: EnvironmentData.type.polymorphicDiscriminator, modelProperties: { @@ -10423,7 +10429,11 @@ export let discriminators = { "CloudOffering.DefenderForContainersGcp": DefenderForContainersGcpOffering, "CloudOffering.CspmMonitorGithub": CspmMonitorGithubOffering, "CloudOffering.CspmMonitorAzureDevOps": CspmMonitorAzureDevOpsOffering, - "EnvironmentData.AwsAccount": AWSEnvironmentData, + "CloudOffering.DefenderCspmAws": DefenderCspmAwsOffering, + "CloudOffering.DefenderCspmGcp": DefenderCspmGcpOffering, + "CloudOffering.DefenderForDevOpsGithub": DefenderForDevOpsGithubOffering, + "CloudOffering.DefenderForDevOpsAzureDevOps": DefenderForDevOpsAzureDevOpsOffering, + "EnvironmentData.AwsAccount": AwsEnvironmentData, "EnvironmentData.GcpProject": GcpProjectEnvironmentData, "EnvironmentData.GithubScope": GithubScopeEnvironmentData, "EnvironmentData.AzureDevOpsScope": AzureDevOpsScopeEnvironmentData, diff --git a/sdk/security/arm-security/src/models/parameters.ts b/sdk/security/arm-security/src/models/parameters.ts index d6a320eaa07d..19de7536275b 100644 --- a/sdk/security/arm-security/src/models/parameters.ts +++ b/sdk/security/arm-security/src/models/parameters.ts @@ -1093,7 +1093,7 @@ export const softwareName: OperationURLParameter = { export const apiVersion17: OperationQueryParameter = { parameterPath: "apiVersion", mapper: { - defaultValue: "2022-05-01-preview", + defaultValue: "2022-08-01-preview", isConstant: true, serializedName: "api-version", type: { diff --git a/sdk/security/arm-security/test/sampleTest.ts b/sdk/security/arm-security/test/sampleTest.ts new file mode 100644 index 000000000000..25aeb3ebcc36 --- /dev/null +++ b/sdk/security/arm-security/test/sampleTest.ts @@ -0,0 +1,43 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { + Recorder, + RecorderStartOptions, + env +} from "@azure-tools/test-recorder"; +import { assert } from "chai"; +import { Context } from "mocha"; + +const replaceableVariables: Record = { + AZURE_CLIENT_ID: "azure_client_id", + AZURE_CLIENT_SECRET: "azure_client_secret", + AZURE_TENANT_ID: "88888888-8888-8888-8888-888888888888", + SUBSCRIPTION_ID: "azure_subscription_id" +}; + +const recorderOptions: RecorderStartOptions = { + envSetupForPlayback: replaceableVariables +}; + +describe("My test", () => { + let recorder: Recorder; + + beforeEach(async function(this: Context) { + recorder = new Recorder(this.currentTest); + await recorder.start(recorderOptions); + }); + + afterEach(async function() { + await recorder.stop(); + }); + + it("sample test", async function() { + console.log("Hi, I'm a test!"); + }); +}); diff --git a/sdk/security/arm-security/tsconfig.json b/sdk/security/arm-security/tsconfig.json index 3f5144384125..3e6ae96443f3 100644 --- a/sdk/security/arm-security/tsconfig.json +++ b/sdk/security/arm-security/tsconfig.json @@ -15,17 +15,11 @@ ], "declaration": true, "outDir": "./dist-esm", - "importHelpers": true, - "paths": { - "@azure/arm-security": [ - "./src/index" - ] - } + "importHelpers": true }, "include": [ "./src/**/*.ts", - "./test/**/*.ts", - "samples-dev/**/*.ts" + "./test/**/*.ts" ], "exclude": [ "node_modules"