Skip to content
Permalink
Fetching contributors…
Cannot retrieve contributors at this time
8737 lines (7872 sloc) 300 KB
package security
// Copyright (c) Microsoft and contributors. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Code generated by Microsoft (R) AutoRest Code Generator.
// Changes may cause incorrect behavior and will be lost if the code is regenerated.
import (
"context"
"encoding/json"
"github.com/Azure/go-autorest/autorest"
"github.com/Azure/go-autorest/autorest/azure"
"github.com/Azure/go-autorest/autorest/date"
"github.com/Azure/go-autorest/autorest/to"
"github.com/Azure/go-autorest/tracing"
"github.com/satori/go.uuid"
"net/http"
)
// The package's fully qualified name.
const fqdn = "github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v2.0/security"
// AadConnectivityState enumerates the values for aad connectivity state.
type AadConnectivityState string
const (
// Connected ...
Connected AadConnectivityState = "Connected"
// Discovered ...
Discovered AadConnectivityState = "Discovered"
// NotLicensed ...
NotLicensed AadConnectivityState = "NotLicensed"
)
// PossibleAadConnectivityStateValues returns an array of possible values for the AadConnectivityState const type.
func PossibleAadConnectivityStateValues() []AadConnectivityState {
return []AadConnectivityState{Connected, Discovered, NotLicensed}
}
// Action enumerates the values for action.
type Action string
const (
// Add ...
Add Action = "Add"
// Recommended ...
Recommended Action = "Recommended"
// Remove ...
Remove Action = "Remove"
)
// PossibleActionValues returns an array of possible values for the Action const type.
func PossibleActionValues() []Action {
return []Action{Add, Recommended, Remove}
}
// AlertNotifications enumerates the values for alert notifications.
type AlertNotifications string
const (
// Off Don't get notifications on new alerts
Off AlertNotifications = "Off"
// On Get notifications on new alerts
On AlertNotifications = "On"
)
// PossibleAlertNotificationsValues returns an array of possible values for the AlertNotifications const type.
func PossibleAlertNotificationsValues() []AlertNotifications {
return []AlertNotifications{Off, On}
}
// AlertsToAdmins enumerates the values for alerts to admins.
type AlertsToAdmins string
const (
// AlertsToAdminsOff Don't send notification on new alerts to the subscription's admins
AlertsToAdminsOff AlertsToAdmins = "Off"
// AlertsToAdminsOn Send notification on new alerts to the subscription's admins
AlertsToAdminsOn AlertsToAdmins = "On"
)
// PossibleAlertsToAdminsValues returns an array of possible values for the AlertsToAdmins const type.
func PossibleAlertsToAdminsValues() []AlertsToAdmins {
return []AlertsToAdmins{AlertsToAdminsOff, AlertsToAdminsOn}
}
// AssessedResourceType enumerates the values for assessed resource type.
type AssessedResourceType string
const (
// AssessedResourceTypeAdditionalData ...
AssessedResourceTypeAdditionalData AssessedResourceType = "AdditionalData"
// AssessedResourceTypeContainerRegistryVulnerability ...
AssessedResourceTypeContainerRegistryVulnerability AssessedResourceType = "ContainerRegistryVulnerability"
// AssessedResourceTypeServerVulnerabilityAssessment ...
AssessedResourceTypeServerVulnerabilityAssessment AssessedResourceType = "ServerVulnerabilityAssessment"
// AssessedResourceTypeSQLServerVulnerability ...
AssessedResourceTypeSQLServerVulnerability AssessedResourceType = "SqlServerVulnerability"
)
// PossibleAssessedResourceTypeValues returns an array of possible values for the AssessedResourceType const type.
func PossibleAssessedResourceTypeValues() []AssessedResourceType {
return []AssessedResourceType{AssessedResourceTypeAdditionalData, AssessedResourceTypeContainerRegistryVulnerability, AssessedResourceTypeServerVulnerabilityAssessment, AssessedResourceTypeSQLServerVulnerability}
}
// AutoProvision enumerates the values for auto provision.
type AutoProvision string
const (
// AutoProvisionOff Do not install security agent on the VMs automatically
AutoProvisionOff AutoProvision = "Off"
// AutoProvisionOn Install missing security agent on VMs automatically
AutoProvisionOn AutoProvision = "On"
)
// PossibleAutoProvisionValues returns an array of possible values for the AutoProvision const type.
func PossibleAutoProvisionValues() []AutoProvision {
return []AutoProvision{AutoProvisionOff, AutoProvisionOn}
}
// ConfigurationStatus enumerates the values for configuration status.
type ConfigurationStatus string
const (
// Configured ...
Configured ConfigurationStatus = "Configured"
// Failed ...
Failed ConfigurationStatus = "Failed"
// InProgress ...
InProgress ConfigurationStatus = "InProgress"
// NoStatus ...
NoStatus ConfigurationStatus = "NoStatus"
// NotConfigured ...
NotConfigured ConfigurationStatus = "NotConfigured"
)
// PossibleConfigurationStatusValues returns an array of possible values for the ConfigurationStatus const type.
func PossibleConfigurationStatusValues() []ConfigurationStatus {
return []ConfigurationStatus{Configured, Failed, InProgress, NoStatus, NotConfigured}
}
// ConfigurationStatus1 enumerates the values for configuration status 1.
type ConfigurationStatus1 string
const (
// ConfigurationStatus1Configured ...
ConfigurationStatus1Configured ConfigurationStatus1 = "Configured"
// ConfigurationStatus1Failed ...
ConfigurationStatus1Failed ConfigurationStatus1 = "Failed"
// ConfigurationStatus1InProgress ...
ConfigurationStatus1InProgress ConfigurationStatus1 = "InProgress"
// ConfigurationStatus1NoStatus ...
ConfigurationStatus1NoStatus ConfigurationStatus1 = "NoStatus"
// ConfigurationStatus1NotConfigured ...
ConfigurationStatus1NotConfigured ConfigurationStatus1 = "NotConfigured"
)
// PossibleConfigurationStatus1Values returns an array of possible values for the ConfigurationStatus1 const type.
func PossibleConfigurationStatus1Values() []ConfigurationStatus1 {
return []ConfigurationStatus1{ConfigurationStatus1Configured, ConfigurationStatus1Failed, ConfigurationStatus1InProgress, ConfigurationStatus1NoStatus, ConfigurationStatus1NotConfigured}
}
// ConfigurationStatus2 enumerates the values for configuration status 2.
type ConfigurationStatus2 string
const (
// ConfigurationStatus2Configured ...
ConfigurationStatus2Configured ConfigurationStatus2 = "Configured"
// ConfigurationStatus2Failed ...
ConfigurationStatus2Failed ConfigurationStatus2 = "Failed"
// ConfigurationStatus2InProgress ...
ConfigurationStatus2InProgress ConfigurationStatus2 = "InProgress"
// ConfigurationStatus2NoStatus ...
ConfigurationStatus2NoStatus ConfigurationStatus2 = "NoStatus"
// ConfigurationStatus2NotConfigured ...
ConfigurationStatus2NotConfigured ConfigurationStatus2 = "NotConfigured"
)
// PossibleConfigurationStatus2Values returns an array of possible values for the ConfigurationStatus2 const type.
func PossibleConfigurationStatus2Values() []ConfigurationStatus2 {
return []ConfigurationStatus2{ConfigurationStatus2Configured, ConfigurationStatus2Failed, ConfigurationStatus2InProgress, ConfigurationStatus2NoStatus, ConfigurationStatus2NotConfigured}
}
// ConnectionType enumerates the values for connection type.
type ConnectionType string
const (
// External ...
External ConnectionType = "External"
// Internal ...
Internal ConnectionType = "Internal"
)
// PossibleConnectionTypeValues returns an array of possible values for the ConnectionType const type.
func PossibleConnectionTypeValues() []ConnectionType {
return []ConnectionType{External, Internal}
}
// DataSource enumerates the values for data source.
type DataSource string
const (
// TwinData Devices twin data
TwinData DataSource = "TwinData"
)
// PossibleDataSourceValues returns an array of possible values for the DataSource const type.
func PossibleDataSourceValues() []DataSource {
return []DataSource{TwinData}
}
// Direction enumerates the values for direction.
type Direction string
const (
// Inbound ...
Inbound Direction = "Inbound"
// Outbound ...
Outbound Direction = "Outbound"
)
// PossibleDirectionValues returns an array of possible values for the Direction const type.
func PossibleDirectionValues() []Direction {
return []Direction{Inbound, Outbound}
}
// EnforcementMode enumerates the values for enforcement mode.
type EnforcementMode string
const (
// Audit ...
Audit EnforcementMode = "Audit"
// Enforce ...
Enforce EnforcementMode = "Enforce"
// None ...
None EnforcementMode = "None"
)
// PossibleEnforcementModeValues returns an array of possible values for the EnforcementMode const type.
func PossibleEnforcementModeValues() []EnforcementMode {
return []EnforcementMode{Audit, Enforce, None}
}
// EnforcementMode1 enumerates the values for enforcement mode 1.
type EnforcementMode1 string
const (
// EnforcementMode1Audit ...
EnforcementMode1Audit EnforcementMode1 = "Audit"
// EnforcementMode1Enforce ...
EnforcementMode1Enforce EnforcementMode1 = "Enforce"
// EnforcementMode1None ...
EnforcementMode1None EnforcementMode1 = "None"
)
// PossibleEnforcementMode1Values returns an array of possible values for the EnforcementMode1 const type.
func PossibleEnforcementMode1Values() []EnforcementMode1 {
return []EnforcementMode1{EnforcementMode1Audit, EnforcementMode1Enforce, EnforcementMode1None}
}
// Exe enumerates the values for exe.
type Exe string
const (
// ExeAudit ...
ExeAudit Exe = "Audit"
// ExeEnforce ...
ExeEnforce Exe = "Enforce"
// ExeNone ...
ExeNone Exe = "None"
)
// PossibleExeValues returns an array of possible values for the Exe const type.
func PossibleExeValues() []Exe {
return []Exe{ExeAudit, ExeEnforce, ExeNone}
}
// Executable enumerates the values for executable.
type Executable string
const (
// ExecutableAudit ...
ExecutableAudit Executable = "Audit"
// ExecutableEnforce ...
ExecutableEnforce Executable = "Enforce"
// ExecutableNone ...
ExecutableNone Executable = "None"
)
// PossibleExecutableValues returns an array of possible values for the Executable const type.
func PossibleExecutableValues() []Executable {
return []Executable{ExecutableAudit, ExecutableEnforce, ExecutableNone}
}
// ExportData enumerates the values for export data.
type ExportData string
const (
// RawEvents Agent raw events
RawEvents ExportData = "RawEvents"
)
// PossibleExportDataValues returns an array of possible values for the ExportData const type.
func PossibleExportDataValues() []ExportData {
return []ExportData{RawEvents}
}
// ExternalSecuritySolutionKind enumerates the values for external security solution kind.
type ExternalSecuritySolutionKind string
const (
// AAD ...
AAD ExternalSecuritySolutionKind = "AAD"
// ATA ...
ATA ExternalSecuritySolutionKind = "ATA"
// CEF ...
CEF ExternalSecuritySolutionKind = "CEF"
)
// PossibleExternalSecuritySolutionKindValues returns an array of possible values for the ExternalSecuritySolutionKind const type.
func PossibleExternalSecuritySolutionKindValues() []ExternalSecuritySolutionKind {
return []ExternalSecuritySolutionKind{AAD, ATA, CEF}
}
// Family enumerates the values for family.
type Family string
const (
// Ngfw ...
Ngfw Family = "Ngfw"
// SaasWaf ...
SaasWaf Family = "SaasWaf"
// Va ...
Va Family = "Va"
// Waf ...
Waf Family = "Waf"
)
// PossibleFamilyValues returns an array of possible values for the Family const type.
func PossibleFamilyValues() []Family {
return []Family{Ngfw, SaasWaf, Va, Waf}
}
// FileType enumerates the values for file type.
type FileType string
const (
// FileTypeDll ...
FileTypeDll FileType = "Dll"
// FileTypeExe ...
FileTypeExe FileType = "Exe"
// FileTypeExecutable ...
FileTypeExecutable FileType = "Executable"
// FileTypeMsi ...
FileTypeMsi FileType = "Msi"
// FileTypeScript ...
FileTypeScript FileType = "Script"
// FileTypeUnknown ...
FileTypeUnknown FileType = "Unknown"
)
// PossibleFileTypeValues returns an array of possible values for the FileType const type.
func PossibleFileTypeValues() []FileType {
return []FileType{FileTypeDll, FileTypeExe, FileTypeExecutable, FileTypeMsi, FileTypeScript, FileTypeUnknown}
}
// Issue enumerates the values for issue.
type Issue string
const (
// ExecutableViolationsAudited ...
ExecutableViolationsAudited Issue = "ExecutableViolationsAudited"
// MsiAndScriptViolationsAudited ...
MsiAndScriptViolationsAudited Issue = "MsiAndScriptViolationsAudited"
// MsiAndScriptViolationsBlocked ...
MsiAndScriptViolationsBlocked Issue = "MsiAndScriptViolationsBlocked"
// RulesViolatedManually ...
RulesViolatedManually Issue = "RulesViolatedManually"
// ViolationsAudited ...
ViolationsAudited Issue = "ViolationsAudited"
// ViolationsBlocked ...
ViolationsBlocked Issue = "ViolationsBlocked"
)
// PossibleIssueValues returns an array of possible values for the Issue const type.
func PossibleIssueValues() []Issue {
return []Issue{ExecutableViolationsAudited, MsiAndScriptViolationsAudited, MsiAndScriptViolationsBlocked, RulesViolatedManually, ViolationsAudited, ViolationsBlocked}
}
// KindEnum enumerates the values for kind enum.
type KindEnum string
const (
// KindAAD ...
KindAAD KindEnum = "AAD"
// KindATA ...
KindATA KindEnum = "ATA"
// KindCEF ...
KindCEF KindEnum = "CEF"
// KindExternalSecuritySolution ...
KindExternalSecuritySolution KindEnum = "ExternalSecuritySolution"
)
// PossibleKindEnumValues returns an array of possible values for the KindEnum const type.
func PossibleKindEnumValues() []KindEnum {
return []KindEnum{KindAAD, KindATA, KindCEF, KindExternalSecuritySolution}
}
// Msi enumerates the values for msi.
type Msi string
const (
// MsiAudit ...
MsiAudit Msi = "Audit"
// MsiEnforce ...
MsiEnforce Msi = "Enforce"
// MsiNone ...
MsiNone Msi = "None"
)
// PossibleMsiValues returns an array of possible values for the Msi const type.
func PossibleMsiValues() []Msi {
return []Msi{MsiAudit, MsiEnforce, MsiNone}
}
// PricingTier enumerates the values for pricing tier.
type PricingTier string
const (
// Free Get free Azure security center experience with basic security features
Free PricingTier = "Free"
// Standard Get the standard Azure security center experience with advanced security features
Standard PricingTier = "Standard"
)
// PossiblePricingTierValues returns an array of possible values for the PricingTier const type.
func PossiblePricingTierValues() []PricingTier {
return []PricingTier{Free, Standard}
}
// Protocol enumerates the values for protocol.
type Protocol string
const (
// All ...
All Protocol = "*"
// TCP ...
TCP Protocol = "TCP"
// UDP ...
UDP Protocol = "UDP"
)
// PossibleProtocolValues returns an array of possible values for the Protocol const type.
func PossibleProtocolValues() []Protocol {
return []Protocol{All, TCP, UDP}
}
// RecommendationAction enumerates the values for recommendation action.
type RecommendationAction string
const (
// RecommendationActionAdd ...
RecommendationActionAdd RecommendationAction = "Add"
// RecommendationActionRecommended ...
RecommendationActionRecommended RecommendationAction = "Recommended"
// RecommendationActionRemove ...
RecommendationActionRemove RecommendationAction = "Remove"
)
// PossibleRecommendationActionValues returns an array of possible values for the RecommendationAction const type.
func PossibleRecommendationActionValues() []RecommendationAction {
return []RecommendationAction{RecommendationActionAdd, RecommendationActionRecommended, RecommendationActionRemove}
}
// RecommendationAction1 enumerates the values for recommendation action 1.
type RecommendationAction1 string
const (
// RecommendationAction1Add ...
RecommendationAction1Add RecommendationAction1 = "Add"
// RecommendationAction1Recommended ...
RecommendationAction1Recommended RecommendationAction1 = "Recommended"
// RecommendationAction1Remove ...
RecommendationAction1Remove RecommendationAction1 = "Remove"
)
// PossibleRecommendationAction1Values returns an array of possible values for the RecommendationAction1 const type.
func PossibleRecommendationAction1Values() []RecommendationAction1 {
return []RecommendationAction1{RecommendationAction1Add, RecommendationAction1Recommended, RecommendationAction1Remove}
}
// RecommendationConfigStatus enumerates the values for recommendation config status.
type RecommendationConfigStatus string
const (
// Disabled ...
Disabled RecommendationConfigStatus = "Disabled"
// Enabled ...
Enabled RecommendationConfigStatus = "Enabled"
)
// PossibleRecommendationConfigStatusValues returns an array of possible values for the RecommendationConfigStatus const type.
func PossibleRecommendationConfigStatusValues() []RecommendationConfigStatus {
return []RecommendationConfigStatus{Disabled, Enabled}
}
// RecommendationStatus enumerates the values for recommendation status.
type RecommendationStatus string
const (
// RecommendationStatusNoStatus ...
RecommendationStatusNoStatus RecommendationStatus = "NoStatus"
// RecommendationStatusNotAvailable ...
RecommendationStatusNotAvailable RecommendationStatus = "NotAvailable"
// RecommendationStatusNotRecommended ...
RecommendationStatusNotRecommended RecommendationStatus = "NotRecommended"
// RecommendationStatusRecommended ...
RecommendationStatusRecommended RecommendationStatus = "Recommended"
)
// PossibleRecommendationStatusValues returns an array of possible values for the RecommendationStatus const type.
func PossibleRecommendationStatusValues() []RecommendationStatus {
return []RecommendationStatus{RecommendationStatusNoStatus, RecommendationStatusNotAvailable, RecommendationStatusNotRecommended, RecommendationStatusRecommended}
}
// RecommendationType enumerates the values for recommendation type.
type RecommendationType string
const (
// IoTACRAuthentication Authentication schema used for pull an edge module from an ACR repository does not
// use Service Principal Authentication.
IoTACRAuthentication RecommendationType = "IoT_ACRAuthentication"
// IoTAgentSendsUnutilizedMessages IoT agent message size capacity is currently underutilized, causing an
// increase in the number of sent messages. Adjust message intervals for better utilization.
IoTAgentSendsUnutilizedMessages RecommendationType = "IoT_AgentSendsUnutilizedMessages"
// IoTBaseline Identified security related system configuration issues.
IoTBaseline RecommendationType = "IoT_Baseline"
// IoTEdgeHubMemOptimize You can optimize Edge Hub memory usage by turning off protocol heads for any
// protocols not used by Edge modules in your solution.
IoTEdgeHubMemOptimize RecommendationType = "IoT_EdgeHubMemOptimize"
// IoTEdgeLoggingOptions Logging is disabled for this edge module.
IoTEdgeLoggingOptions RecommendationType = "IoT_EdgeLoggingOptions"
// IoTInconsistentModuleSettings A minority within a device security group has inconsistent Edge Module
// settings with the rest of their group.
IoTInconsistentModuleSettings RecommendationType = "IoT_InconsistentModuleSettings"
// IoTInstallAgent Install the Azure Security of Things Agent.
IoTInstallAgent RecommendationType = "IoT_InstallAgent"
// IoTIPFilterDenyAll IP Filter Configuration should have rules defined for allowed traffic and should deny
// all other traffic by default.
IoTIPFilterDenyAll RecommendationType = "IoT_IPFilter_DenyAll"
// IoTIPFilterPermissiveRule An Allow IP Filter rules source IP range is too large. Overly permissive rules
// might expose your IoT hub to malicious intenders.
IoTIPFilterPermissiveRule RecommendationType = "IoT_IPFilter_PermissiveRule"
// IoTOpenPorts A listening endpoint was found on the device.
IoTOpenPorts RecommendationType = "IoT_OpenPorts"
// IoTPermissiveFirewallPolicy An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny
// all traffic by default and define rules to allow necessary communication to/from the device.
IoTPermissiveFirewallPolicy RecommendationType = "IoT_PermissiveFirewallPolicy"
// IoTPermissiveInputFirewallRules A rule in the firewall has been found that contains a permissive pattern
// for a wide range of IP addresses or Ports.
IoTPermissiveInputFirewallRules RecommendationType = "IoT_PermissiveInputFirewallRules"
// IoTPermissiveOutputFirewallRules A rule in the firewall has been found that contains a permissive
// pattern for a wide range of IP addresses or Ports.
IoTPermissiveOutputFirewallRules RecommendationType = "IoT_PermissiveOutputFirewallRules"
// IoTPrivilegedDockerOptions Edge module is configured to run in privileged mode, with extensive Linux
// capabilities or with host-level network access (send/receive data to host machine).
IoTPrivilegedDockerOptions RecommendationType = "IoT_PrivilegedDockerOptions"
// IoTSharedCredentials Same authentication credentials to the IoT Hub used by multiple devices. This could
// indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device
// impersonation by an attacker.
IoTSharedCredentials RecommendationType = "IoT_SharedCredentials"
// IoTVulnerableTLSCipherSuite Insecure TLS configurations detected. Immediate upgrade recommended.
IoTVulnerableTLSCipherSuite RecommendationType = "IoT_VulnerableTLSCipherSuite"
)
// PossibleRecommendationTypeValues returns an array of possible values for the RecommendationType const type.
func PossibleRecommendationTypeValues() []RecommendationType {
return []RecommendationType{IoTACRAuthentication, IoTAgentSendsUnutilizedMessages, IoTBaseline, IoTEdgeHubMemOptimize, IoTEdgeLoggingOptions, IoTInconsistentModuleSettings, IoTInstallAgent, IoTIPFilterDenyAll, IoTIPFilterPermissiveRule, IoTOpenPorts, IoTPermissiveFirewallPolicy, IoTPermissiveInputFirewallRules, IoTPermissiveOutputFirewallRules, IoTPrivilegedDockerOptions, IoTSharedCredentials, IoTVulnerableTLSCipherSuite}
}
// ReportedSeverity enumerates the values for reported severity.
type ReportedSeverity string
const (
// High ...
High ReportedSeverity = "High"
// Informational ...
Informational ReportedSeverity = "Informational"
// Low ...
Low ReportedSeverity = "Low"
// Medium ...
Medium ReportedSeverity = "Medium"
)
// PossibleReportedSeverityValues returns an array of possible values for the ReportedSeverity const type.
func PossibleReportedSeverityValues() []ReportedSeverity {
return []ReportedSeverity{High, Informational, Low, Medium}
}
// Script enumerates the values for script.
type Script string
const (
// ScriptAudit ...
ScriptAudit Script = "Audit"
// ScriptEnforce ...
ScriptEnforce Script = "Enforce"
// ScriptNone ...
ScriptNone Script = "None"
)
// PossibleScriptValues returns an array of possible values for the Script const type.
func PossibleScriptValues() []Script {
return []Script{ScriptAudit, ScriptEnforce, ScriptNone}
}
// SettingKind enumerates the values for setting kind.
type SettingKind string
const (
// SettingKindAlertSuppressionSetting ...
SettingKindAlertSuppressionSetting SettingKind = "AlertSuppressionSetting"
// SettingKindDataExportSetting ...
SettingKindDataExportSetting SettingKind = "DataExportSetting"
)
// PossibleSettingKindValues returns an array of possible values for the SettingKind const type.
func PossibleSettingKindValues() []SettingKind {
return []SettingKind{SettingKindAlertSuppressionSetting, SettingKindDataExportSetting}
}
// Severity enumerates the values for severity.
type Severity string
const (
// SeverityHigh ...
SeverityHigh Severity = "High"
// SeverityLow ...
SeverityLow Severity = "Low"
// SeverityMedium ...
SeverityMedium Severity = "Medium"
)
// PossibleSeverityValues returns an array of possible values for the Severity const type.
func PossibleSeverityValues() []Severity {
return []Severity{SeverityHigh, SeverityLow, SeverityMedium}
}
// SolutionStatus enumerates the values for solution status.
type SolutionStatus string
const (
// SolutionStatusDisabled ...
SolutionStatusDisabled SolutionStatus = "Disabled"
// SolutionStatusEnabled ...
SolutionStatusEnabled SolutionStatus = "Enabled"
)
// PossibleSolutionStatusValues returns an array of possible values for the SolutionStatus const type.
func PossibleSolutionStatusValues() []SolutionStatus {
return []SolutionStatus{SolutionStatusDisabled, SolutionStatusEnabled}
}
// Source enumerates the values for source.
type Source string
const (
// SourceAws ...
SourceAws Source = "Aws"
// SourceAzure ...
SourceAzure Source = "Azure"
// SourceResourceDetails ...
SourceResourceDetails Source = "ResourceDetails"
)
// PossibleSourceValues returns an array of possible values for the Source const type.
func PossibleSourceValues() []Source {
return []Source{SourceAws, SourceAzure, SourceResourceDetails}
}
// SourceSystem enumerates the values for source system.
type SourceSystem string
const (
// SourceSystemAzureAppLocker ...
SourceSystemAzureAppLocker SourceSystem = "Azure_AppLocker"
// SourceSystemAzureAuditD ...
SourceSystemAzureAuditD SourceSystem = "Azure_AuditD"
// SourceSystemNonAzureAppLocker ...
SourceSystemNonAzureAppLocker SourceSystem = "NonAzure_AppLocker"
// SourceSystemNonAzureAuditD ...
SourceSystemNonAzureAuditD SourceSystem = "NonAzure_AuditD"
// SourceSystemNone ...
SourceSystemNone SourceSystem = "None"
)
// PossibleSourceSystemValues returns an array of possible values for the SourceSystem const type.
func PossibleSourceSystemValues() []SourceSystem {
return []SourceSystem{SourceSystemAzureAppLocker, SourceSystemAzureAuditD, SourceSystemNonAzureAppLocker, SourceSystemNonAzureAuditD, SourceSystemNone}
}
// State enumerates the values for state.
type State string
const (
// StateFailed At least one supported regulatory compliance control in the given standard has a state of
// failed
StateFailed State = "Failed"
// StatePassed All supported regulatory compliance controls in the given standard have a passed state
StatePassed State = "Passed"
// StateSkipped All supported regulatory compliance controls in the given standard have a state of skipped
StateSkipped State = "Skipped"
// StateUnsupported No supported regulatory compliance data for the given standard
StateUnsupported State = "Unsupported"
)
// PossibleStateValues returns an array of possible values for the State const type.
func PossibleStateValues() []State {
return []State{StateFailed, StatePassed, StateSkipped, StateUnsupported}
}
// Status enumerates the values for status.
type Status string
const (
// Initiated ...
Initiated Status = "Initiated"
// Revoked ...
Revoked Status = "Revoked"
)
// PossibleStatusValues returns an array of possible values for the Status const type.
func PossibleStatusValues() []Status {
return []Status{Initiated, Revoked}
}
// StatusReason enumerates the values for status reason.
type StatusReason string
const (
// Expired ...
Expired StatusReason = "Expired"
// NewerRequestInitiated ...
NewerRequestInitiated StatusReason = "NewerRequestInitiated"
// UserRequested ...
UserRequested StatusReason = "UserRequested"
)
// PossibleStatusReasonValues returns an array of possible values for the StatusReason const type.
func PossibleStatusReasonValues() []StatusReason {
return []StatusReason{Expired, NewerRequestInitiated, UserRequested}
}
// SubAssessmentStatusCode enumerates the values for sub assessment status code.
type SubAssessmentStatusCode string
const (
// Healthy The resource is healthy
Healthy SubAssessmentStatusCode = "Healthy"
// NotApplicable Assessment for this resource did not happen
NotApplicable SubAssessmentStatusCode = "NotApplicable"
// Unhealthy The resource has a security issue that needs to be addressed
Unhealthy SubAssessmentStatusCode = "Unhealthy"
)
// PossibleSubAssessmentStatusCodeValues returns an array of possible values for the SubAssessmentStatusCode const type.
func PossibleSubAssessmentStatusCodeValues() []SubAssessmentStatusCode {
return []SubAssessmentStatusCode{Healthy, NotApplicable, Unhealthy}
}
// TransportProtocol enumerates the values for transport protocol.
type TransportProtocol string
const (
// TransportProtocolTCP ...
TransportProtocolTCP TransportProtocol = "TCP"
// TransportProtocolUDP ...
TransportProtocolUDP TransportProtocol = "UDP"
)
// PossibleTransportProtocolValues returns an array of possible values for the TransportProtocol const type.
func PossibleTransportProtocolValues() []TransportProtocol {
return []TransportProtocol{TransportProtocolTCP, TransportProtocolUDP}
}
// Type enumerates the values for type.
type Type string
const (
// BinarySignature ...
BinarySignature Type = "BinarySignature"
// File ...
File Type = "File"
// FileHash ...
FileHash Type = "FileHash"
// ProductSignature ...
ProductSignature Type = "ProductSignature"
// PublisherSignature ...
PublisherSignature Type = "PublisherSignature"
// VersionAndAboveSignature ...
VersionAndAboveSignature Type = "VersionAndAboveSignature"
)
// PossibleTypeValues returns an array of possible values for the Type const type.
func PossibleTypeValues() []Type {
return []Type{BinarySignature, File, FileHash, ProductSignature, PublisherSignature, VersionAndAboveSignature}
}
// ValueType enumerates the values for value type.
type ValueType string
const (
// IPCidr An IP range in CIDR format (e.g. '192.168.0.1/8').
IPCidr ValueType = "IpCidr"
// String Any string value.
String ValueType = "String"
)
// PossibleValueTypeValues returns an array of possible values for the ValueType const type.
func PossibleValueTypeValues() []ValueType {
return []ValueType{IPCidr, String}
}
// AadConnectivityState1 describes an Azure resource with kind
type AadConnectivityState1 struct {
// ConnectivityState - Possible values include: 'Discovered', 'NotLicensed', 'Connected'
ConnectivityState AadConnectivityState `json:"connectivityState,omitempty"`
}
// AadExternalSecuritySolution represents an AAD identity protection solution which sends logs to an OMS
// workspace.
type AadExternalSecuritySolution struct {
Properties *AadSolutionProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
// Location - READ-ONLY; Location where the resource is stored
Location *string `json:"location,omitempty"`
// Kind - Possible values include: 'KindExternalSecuritySolution', 'KindCEF', 'KindATA', 'KindAAD'
Kind KindEnum `json:"kind,omitempty"`
}
// MarshalJSON is the custom marshaler for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) MarshalJSON() ([]byte, error) {
aess.Kind = KindAAD
objectMap := make(map[string]interface{})
if aess.Properties != nil {
objectMap["properties"] = aess.Properties
}
if aess.Kind != "" {
objectMap["kind"] = aess.Kind
}
return json.Marshal(objectMap)
}
// AsCefExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) AsCefExternalSecuritySolution() (*CefExternalSecuritySolution, bool) {
return nil, false
}
// AsAtaExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) AsAtaExternalSecuritySolution() (*AtaExternalSecuritySolution, bool) {
return nil, false
}
// AsAadExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) AsAadExternalSecuritySolution() (*AadExternalSecuritySolution, bool) {
return &aess, true
}
// AsExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) AsExternalSecuritySolution() (*ExternalSecuritySolution, bool) {
return nil, false
}
// AsBasicExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AadExternalSecuritySolution.
func (aess AadExternalSecuritySolution) AsBasicExternalSecuritySolution() (BasicExternalSecuritySolution, bool) {
return &aess, true
}
// AadSolutionProperties ...
type AadSolutionProperties struct {
DeviceVendor *string `json:"deviceVendor,omitempty"`
DeviceType *string `json:"deviceType,omitempty"`
Workspace *ConnectedWorkspace `json:"workspace,omitempty"`
// ConnectivityState - Possible values include: 'Discovered', 'NotLicensed', 'Connected'
ConnectivityState AadConnectivityState `json:"connectivityState,omitempty"`
}
// AdaptiveNetworkHardening the resource whose properties describes the Adaptive Network Hardening settings
// for some Azure resource
type AdaptiveNetworkHardening struct {
autorest.Response `json:"-"`
// AdaptiveNetworkHardeningProperties - Properties of the Adaptive Network Hardening resource
*AdaptiveNetworkHardeningProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for AdaptiveNetworkHardening.
func (anh AdaptiveNetworkHardening) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if anh.AdaptiveNetworkHardeningProperties != nil {
objectMap["properties"] = anh.AdaptiveNetworkHardeningProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AdaptiveNetworkHardening struct.
func (anh *AdaptiveNetworkHardening) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var adaptiveNetworkHardeningProperties AdaptiveNetworkHardeningProperties
err = json.Unmarshal(*v, &adaptiveNetworkHardeningProperties)
if err != nil {
return err
}
anh.AdaptiveNetworkHardeningProperties = &adaptiveNetworkHardeningProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
anh.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
anh.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
anh.Type = &typeVar
}
}
}
return nil
}
// AdaptiveNetworkHardeningEnforceRequest ...
type AdaptiveNetworkHardeningEnforceRequest struct {
// Rules - The rules to enforce
Rules *[]Rule `json:"rules,omitempty"`
// NetworkSecurityGroups - The Azure resource IDs of the effective network security groups that will be updated with the created security rules from the Adaptive Network Hardening rules
NetworkSecurityGroups *[]string `json:"networkSecurityGroups,omitempty"`
}
// AdaptiveNetworkHardeningProperties adaptive Network Hardening resource properties
type AdaptiveNetworkHardeningProperties struct {
// Rules - The security rules which are recommended to be effective on the VM
Rules *[]Rule `json:"rules,omitempty"`
// RulesCalculationTime - The UTC time on which the rules were calculated
RulesCalculationTime *date.Time `json:"rulesCalculationTime,omitempty"`
// EffectiveNetworkSecurityGroups - The Network Security Groups effective on the network interfaces of the protected resource
EffectiveNetworkSecurityGroups *[]EffectiveNetworkSecurityGroups `json:"effectiveNetworkSecurityGroups,omitempty"`
}
// AdaptiveNetworkHardeningsEnforceFuture an abstraction for monitoring and retrieving the results of a
// long-running operation.
type AdaptiveNetworkHardeningsEnforceFuture struct {
azure.Future
}
// Result returns the result of the asynchronous operation.
// If the operation has not completed it will return an error.
func (future *AdaptiveNetworkHardeningsEnforceFuture) Result(client AdaptiveNetworkHardeningsClient) (ar autorest.Response, err error) {
var done bool
done, err = future.DoneWithContext(context.Background(), client)
if err != nil {
err = autorest.NewErrorWithError(err, "security.AdaptiveNetworkHardeningsEnforceFuture", "Result", future.Response(), "Polling failure")
return
}
if !done {
err = azure.NewAsyncOpIncompleteError("security.AdaptiveNetworkHardeningsEnforceFuture")
return
}
ar.Response = future.Response()
return
}
// AdaptiveNetworkHardeningsList response for ListAdaptiveNetworkHardenings API service call
type AdaptiveNetworkHardeningsList struct {
autorest.Response `json:"-"`
// Value - A list of Adaptive Network Hardenings resources
Value *[]AdaptiveNetworkHardening `json:"value,omitempty"`
// NextLink - The URL to get the next set of results
NextLink *string `json:"nextLink,omitempty"`
}
// AdaptiveNetworkHardeningsListIterator provides access to a complete listing of AdaptiveNetworkHardening
// values.
type AdaptiveNetworkHardeningsListIterator struct {
i int
page AdaptiveNetworkHardeningsListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *AdaptiveNetworkHardeningsListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AdaptiveNetworkHardeningsListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *AdaptiveNetworkHardeningsListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter AdaptiveNetworkHardeningsListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter AdaptiveNetworkHardeningsListIterator) Response() AdaptiveNetworkHardeningsList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter AdaptiveNetworkHardeningsListIterator) Value() AdaptiveNetworkHardening {
if !iter.page.NotDone() {
return AdaptiveNetworkHardening{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the AdaptiveNetworkHardeningsListIterator type.
func NewAdaptiveNetworkHardeningsListIterator(page AdaptiveNetworkHardeningsListPage) AdaptiveNetworkHardeningsListIterator {
return AdaptiveNetworkHardeningsListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (anhl AdaptiveNetworkHardeningsList) IsEmpty() bool {
return anhl.Value == nil || len(*anhl.Value) == 0
}
// adaptiveNetworkHardeningsListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (anhl AdaptiveNetworkHardeningsList) adaptiveNetworkHardeningsListPreparer(ctx context.Context) (*http.Request, error) {
if anhl.NextLink == nil || len(to.String(anhl.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(anhl.NextLink)))
}
// AdaptiveNetworkHardeningsListPage contains a page of AdaptiveNetworkHardening values.
type AdaptiveNetworkHardeningsListPage struct {
fn func(context.Context, AdaptiveNetworkHardeningsList) (AdaptiveNetworkHardeningsList, error)
anhl AdaptiveNetworkHardeningsList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *AdaptiveNetworkHardeningsListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AdaptiveNetworkHardeningsListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.anhl)
if err != nil {
return err
}
page.anhl = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *AdaptiveNetworkHardeningsListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page AdaptiveNetworkHardeningsListPage) NotDone() bool {
return !page.anhl.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page AdaptiveNetworkHardeningsListPage) Response() AdaptiveNetworkHardeningsList {
return page.anhl
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page AdaptiveNetworkHardeningsListPage) Values() []AdaptiveNetworkHardening {
if page.anhl.IsEmpty() {
return nil
}
return *page.anhl.Value
}
// Creates a new instance of the AdaptiveNetworkHardeningsListPage type.
func NewAdaptiveNetworkHardeningsListPage(getNextPage func(context.Context, AdaptiveNetworkHardeningsList) (AdaptiveNetworkHardeningsList, error)) AdaptiveNetworkHardeningsListPage {
return AdaptiveNetworkHardeningsListPage{fn: getNextPage}
}
// BasicAdditionalData details of the sub-assessment
type BasicAdditionalData interface {
AsSQLServerVulnerabilityProperties() (*SQLServerVulnerabilityProperties, bool)
AsContainerRegistryVulnerabilityProperties() (*ContainerRegistryVulnerabilityProperties, bool)
AsServerVulnerabilityProperties() (*ServerVulnerabilityProperties, bool)
AsAdditionalData() (*AdditionalData, bool)
}
// AdditionalData details of the sub-assessment
type AdditionalData struct {
// AssessedResourceType - Possible values include: 'AssessedResourceTypeAdditionalData', 'AssessedResourceTypeSQLServerVulnerability', 'AssessedResourceTypeContainerRegistryVulnerability', 'AssessedResourceTypeServerVulnerabilityAssessment'
AssessedResourceType AssessedResourceType `json:"assessedResourceType,omitempty"`
}
func unmarshalBasicAdditionalData(body []byte) (BasicAdditionalData, error) {
var m map[string]interface{}
err := json.Unmarshal(body, &m)
if err != nil {
return nil, err
}
switch m["assessedResourceType"] {
case string(AssessedResourceTypeSQLServerVulnerability):
var ssvp SQLServerVulnerabilityProperties
err := json.Unmarshal(body, &ssvp)
return ssvp, err
case string(AssessedResourceTypeContainerRegistryVulnerability):
var crvp ContainerRegistryVulnerabilityProperties
err := json.Unmarshal(body, &crvp)
return crvp, err
case string(AssessedResourceTypeServerVulnerabilityAssessment):
var svp ServerVulnerabilityProperties
err := json.Unmarshal(body, &svp)
return svp, err
default:
var ad AdditionalData
err := json.Unmarshal(body, &ad)
return ad, err
}
}
func unmarshalBasicAdditionalDataArray(body []byte) ([]BasicAdditionalData, error) {
var rawMessages []*json.RawMessage
err := json.Unmarshal(body, &rawMessages)
if err != nil {
return nil, err
}
adArray := make([]BasicAdditionalData, len(rawMessages))
for index, rawMessage := range rawMessages {
ad, err := unmarshalBasicAdditionalData(*rawMessage)
if err != nil {
return nil, err
}
adArray[index] = ad
}
return adArray, nil
}
// MarshalJSON is the custom marshaler for AdditionalData.
func (ad AdditionalData) MarshalJSON() ([]byte, error) {
ad.AssessedResourceType = AssessedResourceTypeAdditionalData
objectMap := make(map[string]interface{})
if ad.AssessedResourceType != "" {
objectMap["assessedResourceType"] = ad.AssessedResourceType
}
return json.Marshal(objectMap)
}
// AsSQLServerVulnerabilityProperties is the BasicAdditionalData implementation for AdditionalData.
func (ad AdditionalData) AsSQLServerVulnerabilityProperties() (*SQLServerVulnerabilityProperties, bool) {
return nil, false
}
// AsContainerRegistryVulnerabilityProperties is the BasicAdditionalData implementation for AdditionalData.
func (ad AdditionalData) AsContainerRegistryVulnerabilityProperties() (*ContainerRegistryVulnerabilityProperties, bool) {
return nil, false
}
// AsServerVulnerabilityProperties is the BasicAdditionalData implementation for AdditionalData.
func (ad AdditionalData) AsServerVulnerabilityProperties() (*ServerVulnerabilityProperties, bool) {
return nil, false
}
// AsAdditionalData is the BasicAdditionalData implementation for AdditionalData.
func (ad AdditionalData) AsAdditionalData() (*AdditionalData, bool) {
return &ad, true
}
// AsBasicAdditionalData is the BasicAdditionalData implementation for AdditionalData.
func (ad AdditionalData) AsBasicAdditionalData() (BasicAdditionalData, bool) {
return &ad, true
}
// AdvancedThreatProtectionProperties the Advanced Threat Protection settings.
type AdvancedThreatProtectionProperties struct {
// IsEnabled - Indicates whether Advanced Threat Protection is enabled.
IsEnabled *bool `json:"isEnabled,omitempty"`
}
// AdvancedThreatProtectionSetting the Advanced Threat Protection resource.
type AdvancedThreatProtectionSetting struct {
autorest.Response `json:"-"`
*AdvancedThreatProtectionProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for AdvancedThreatProtectionSetting.
func (atps AdvancedThreatProtectionSetting) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if atps.AdvancedThreatProtectionProperties != nil {
objectMap["properties"] = atps.AdvancedThreatProtectionProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AdvancedThreatProtectionSetting struct.
func (atps *AdvancedThreatProtectionSetting) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var advancedThreatProtectionProperties AdvancedThreatProtectionProperties
err = json.Unmarshal(*v, &advancedThreatProtectionProperties)
if err != nil {
return err
}
atps.AdvancedThreatProtectionProperties = &advancedThreatProtectionProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
atps.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
atps.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
atps.Type = &typeVar
}
}
}
return nil
}
// Alert security alert
type Alert struct {
autorest.Response `json:"-"`
*AlertProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for Alert.
func (a Alert) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if a.AlertProperties != nil {
objectMap["properties"] = a.AlertProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for Alert struct.
func (a *Alert) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var alertProperties AlertProperties
err = json.Unmarshal(*v, &alertProperties)
if err != nil {
return err
}
a.AlertProperties = &alertProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
a.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
a.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
a.Type = &typeVar
}
}
}
return nil
}
// AlertConfidenceReason factors that increase our confidence that the alert is a true positive
type AlertConfidenceReason struct {
// Type - READ-ONLY; Type of confidence factor
Type *string `json:"type,omitempty"`
// Reason - READ-ONLY; description of the confidence reason
Reason *string `json:"reason,omitempty"`
}
// AlertEntity changing set of properties depending on the entity type.
type AlertEntity struct {
// AdditionalProperties - Unmatched properties from the message are deserialized this collection
AdditionalProperties map[string]interface{} `json:""`
// Type - READ-ONLY; Type of entity
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for AlertEntity.
func (ae AlertEntity) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
for k, v := range ae.AdditionalProperties {
objectMap[k] = v
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AlertEntity struct.
func (ae *AlertEntity) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
default:
if v != nil {
var additionalProperties interface{}
err = json.Unmarshal(*v, &additionalProperties)
if err != nil {
return err
}
if ae.AdditionalProperties == nil {
ae.AdditionalProperties = make(map[string]interface{})
}
ae.AdditionalProperties[k] = additionalProperties
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
ae.Type = &typeVar
}
}
}
return nil
}
// AlertList list of security alerts
type AlertList struct {
autorest.Response `json:"-"`
Value *[]Alert `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// AlertListIterator provides access to a complete listing of Alert values.
type AlertListIterator struct {
i int
page AlertListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *AlertListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AlertListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *AlertListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter AlertListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter AlertListIterator) Response() AlertList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter AlertListIterator) Value() Alert {
if !iter.page.NotDone() {
return Alert{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the AlertListIterator type.
func NewAlertListIterator(page AlertListPage) AlertListIterator {
return AlertListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (al AlertList) IsEmpty() bool {
return al.Value == nil || len(*al.Value) == 0
}
// alertListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (al AlertList) alertListPreparer(ctx context.Context) (*http.Request, error) {
if al.NextLink == nil || len(to.String(al.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(al.NextLink)))
}
// AlertListPage contains a page of Alert values.
type AlertListPage struct {
fn func(context.Context, AlertList) (AlertList, error)
al AlertList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *AlertListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AlertListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.al)
if err != nil {
return err
}
page.al = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *AlertListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page AlertListPage) NotDone() bool {
return !page.al.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page AlertListPage) Response() AlertList {
return page.al
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page AlertListPage) Values() []Alert {
if page.al.IsEmpty() {
return nil
}
return *page.al.Value
}
// Creates a new instance of the AlertListPage type.
func NewAlertListPage(getNextPage func(context.Context, AlertList) (AlertList, error)) AlertListPage {
return AlertListPage{fn: getNextPage}
}
// AlertProperties describes security alert properties.
type AlertProperties struct {
// State - READ-ONLY; State of the alert (Active, Dismissed etc.)
State *string `json:"state,omitempty"`
// ReportedTimeUtc - READ-ONLY; The time the incident was reported to Microsoft.Security in UTC
ReportedTimeUtc *date.Time `json:"reportedTimeUtc,omitempty"`
// VendorName - READ-ONLY; Name of the vendor that discovered the incident
VendorName *string `json:"vendorName,omitempty"`
// AlertName - READ-ONLY; Name of the alert type
AlertName *string `json:"alertName,omitempty"`
// AlertDisplayName - READ-ONLY; Display name of the alert type
AlertDisplayName *string `json:"alertDisplayName,omitempty"`
// DetectedTimeUtc - READ-ONLY; The time the incident was detected by the vendor
DetectedTimeUtc *date.Time `json:"detectedTimeUtc,omitempty"`
// Description - READ-ONLY; Description of the incident and what it means
Description *string `json:"description,omitempty"`
// RemediationSteps - READ-ONLY; Recommended steps to reradiate the incident
RemediationSteps *string `json:"remediationSteps,omitempty"`
// ActionTaken - READ-ONLY; The action that was taken as a response to the alert (Active, Blocked etc.)
ActionTaken *string `json:"actionTaken,omitempty"`
// ReportedSeverity - READ-ONLY; Estimated severity of this alert. Possible values include: 'Informational', 'Low', 'Medium', 'High'
ReportedSeverity ReportedSeverity `json:"reportedSeverity,omitempty"`
// CompromisedEntity - READ-ONLY; The entity that the incident happened on
CompromisedEntity *string `json:"compromisedEntity,omitempty"`
// AssociatedResource - READ-ONLY; Azure resource ID of the associated resource
AssociatedResource *string `json:"associatedResource,omitempty"`
ExtendedProperties map[string]interface{} `json:"extendedProperties"`
// SystemSource - READ-ONLY; The type of the alerted resource (Azure, Non-Azure)
SystemSource *string `json:"systemSource,omitempty"`
// CanBeInvestigated - READ-ONLY; Whether this alert can be investigated with Azure Security Center
CanBeInvestigated *bool `json:"canBeInvestigated,omitempty"`
// IsIncident - READ-ONLY; Whether this alert is for incident type or not (otherwise - single alert)
IsIncident *bool `json:"isIncident,omitempty"`
// Entities - objects that are related to this alerts
Entities *[]AlertEntity `json:"entities,omitempty"`
// ConfidenceScore - READ-ONLY; level of confidence we have on the alert
ConfidenceScore *float64 `json:"confidenceScore,omitempty"`
// ConfidenceReasons - reasons the alert got the confidenceScore value
ConfidenceReasons *[]AlertConfidenceReason `json:"confidenceReasons,omitempty"`
// SubscriptionID - READ-ONLY; Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to
SubscriptionID *string `json:"subscriptionId,omitempty"`
// InstanceID - READ-ONLY; Instance ID of the alert.
InstanceID *string `json:"instanceId,omitempty"`
// WorkspaceArmID - READ-ONLY; Azure resource ID of the workspace that the alert was reported to.
WorkspaceArmID *string `json:"workspaceArmId,omitempty"`
// CorrelationKey - READ-ONLY; Alerts with the same CorrelationKey will be grouped together in Ibiza.
CorrelationKey *string `json:"correlationKey,omitempty"`
}
// MarshalJSON is the custom marshaler for AlertProperties.
func (ap AlertProperties) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if ap.ExtendedProperties != nil {
objectMap["extendedProperties"] = ap.ExtendedProperties
}
if ap.Entities != nil {
objectMap["entities"] = ap.Entities
}
if ap.ConfidenceReasons != nil {
objectMap["confidenceReasons"] = ap.ConfidenceReasons
}
return json.Marshal(objectMap)
}
// AllowedConnectionsList list of all possible traffic between Azure resources
type AllowedConnectionsList struct {
autorest.Response `json:"-"`
// Value - READ-ONLY
Value *[]AllowedConnectionsResource `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// AllowedConnectionsListIterator provides access to a complete listing of AllowedConnectionsResource
// values.
type AllowedConnectionsListIterator struct {
i int
page AllowedConnectionsListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *AllowedConnectionsListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AllowedConnectionsListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *AllowedConnectionsListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter AllowedConnectionsListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter AllowedConnectionsListIterator) Response() AllowedConnectionsList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter AllowedConnectionsListIterator) Value() AllowedConnectionsResource {
if !iter.page.NotDone() {
return AllowedConnectionsResource{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the AllowedConnectionsListIterator type.
func NewAllowedConnectionsListIterator(page AllowedConnectionsListPage) AllowedConnectionsListIterator {
return AllowedConnectionsListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (ACL AllowedConnectionsList) IsEmpty() bool {
return ACL.Value == nil || len(*ACL.Value) == 0
}
// allowedConnectionsListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (ACL AllowedConnectionsList) allowedConnectionsListPreparer(ctx context.Context) (*http.Request, error) {
if ACL.NextLink == nil || len(to.String(ACL.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(ACL.NextLink)))
}
// AllowedConnectionsListPage contains a page of AllowedConnectionsResource values.
type AllowedConnectionsListPage struct {
fn func(context.Context, AllowedConnectionsList) (AllowedConnectionsList, error)
ACL AllowedConnectionsList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *AllowedConnectionsListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AllowedConnectionsListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.ACL)
if err != nil {
return err
}
page.ACL = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *AllowedConnectionsListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page AllowedConnectionsListPage) NotDone() bool {
return !page.ACL.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page AllowedConnectionsListPage) Response() AllowedConnectionsList {
return page.ACL
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page AllowedConnectionsListPage) Values() []AllowedConnectionsResource {
if page.ACL.IsEmpty() {
return nil
}
return *page.ACL.Value
}
// Creates a new instance of the AllowedConnectionsListPage type.
func NewAllowedConnectionsListPage(getNextPage func(context.Context, AllowedConnectionsList) (AllowedConnectionsList, error)) AllowedConnectionsListPage {
return AllowedConnectionsListPage{fn: getNextPage}
}
// AllowedConnectionsResource the resource whose properties describes the allowed traffic between Azure
// resources
type AllowedConnectionsResource struct {
autorest.Response `json:"-"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
// Location - READ-ONLY; Location where the resource is stored
Location *string `json:"location,omitempty"`
// AllowedConnectionsResourceProperties - READ-ONLY
*AllowedConnectionsResourceProperties `json:"properties,omitempty"`
}
// MarshalJSON is the custom marshaler for AllowedConnectionsResource.
func (acr AllowedConnectionsResource) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AllowedConnectionsResource struct.
func (acr *AllowedConnectionsResource) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
acr.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
acr.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
acr.Type = &typeVar
}
case "location":
if v != nil {
var location string
err = json.Unmarshal(*v, &location)
if err != nil {
return err
}
acr.Location = &location
}
case "properties":
if v != nil {
var allowedConnectionsResourceProperties AllowedConnectionsResourceProperties
err = json.Unmarshal(*v, &allowedConnectionsResourceProperties)
if err != nil {
return err
}
acr.AllowedConnectionsResourceProperties = &allowedConnectionsResourceProperties
}
}
}
return nil
}
// AllowedConnectionsResourceProperties describes the allowed traffic between Azure resources
type AllowedConnectionsResourceProperties struct {
// CalculatedDateTime - READ-ONLY; The UTC time on which the allowed connections resource was calculated
CalculatedDateTime *date.Time `json:"calculatedDateTime,omitempty"`
// ConnectableResources - READ-ONLY; List of connectable resources
ConnectableResources *[]ConnectableResource `json:"connectableResources,omitempty"`
}
// AllowlistCustomAlertRule a custom alert rule that checks if a value (depends on the custom alert type)
// is allowed
type AllowlistCustomAlertRule struct {
// AllowlistValues - The values to allow. The format of the values depends on the rule type.
AllowlistValues *[]string `json:"allowlistValues,omitempty"`
// ValueType - READ-ONLY; The value type of the items in the list. Possible values include: 'IPCidr', 'String'
ValueType ValueType `json:"valueType,omitempty"`
// DisplayName - READ-ONLY; The display name of the custom alert.
DisplayName *string `json:"displayName,omitempty"`
// Description - READ-ONLY; The description of the custom alert.
Description *string `json:"description,omitempty"`
// IsEnabled - Whether the custom alert is enabled.
IsEnabled *bool `json:"isEnabled,omitempty"`
// RuleType - The type of the custom alert rule.
RuleType *string `json:"ruleType,omitempty"`
}
// AppWhitelistingGroup ...
type AppWhitelistingGroup struct {
autorest.Response `json:"-"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
// Location - READ-ONLY; Location where the resource is stored
Location *string `json:"location,omitempty"`
*AppWhitelistingGroupData `json:"properties,omitempty"`
}
// MarshalJSON is the custom marshaler for AppWhitelistingGroup.
func (awg AppWhitelistingGroup) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if awg.AppWhitelistingGroupData != nil {
objectMap["properties"] = awg.AppWhitelistingGroupData
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AppWhitelistingGroup struct.
func (awg *AppWhitelistingGroup) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
awg.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
awg.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
awg.Type = &typeVar
}
case "location":
if v != nil {
var location string
err = json.Unmarshal(*v, &location)
if err != nil {
return err
}
awg.Location = &location
}
case "properties":
if v != nil {
var appWhitelistingGroupData AppWhitelistingGroupData
err = json.Unmarshal(*v, &appWhitelistingGroupData)
if err != nil {
return err
}
awg.AppWhitelistingGroupData = &appWhitelistingGroupData
}
}
}
return nil
}
// AppWhitelistingGroupData represents a VM/server group and set of rules that are Recommended by Azure
// Security Center to be allowed
type AppWhitelistingGroupData struct {
// EnforcementMode - Possible values include: 'Audit', 'Enforce', 'None'
EnforcementMode EnforcementMode `json:"enforcementMode,omitempty"`
ProtectionMode *ProtectionMode `json:"protectionMode,omitempty"`
// ConfigurationStatus - Possible values include: 'ConfigurationStatus2Configured', 'ConfigurationStatus2NotConfigured', 'ConfigurationStatus2InProgress', 'ConfigurationStatus2Failed', 'ConfigurationStatus2NoStatus'
ConfigurationStatus ConfigurationStatus2 `json:"configurationStatus,omitempty"`
// RecommendationStatus - Possible values include: 'RecommendationStatusRecommended', 'RecommendationStatusNotRecommended', 'RecommendationStatusNotAvailable', 'RecommendationStatusNoStatus'
RecommendationStatus RecommendationStatus `json:"recommendationStatus,omitempty"`
Issues *[]AppWhitelistingIssueSummary `json:"issues,omitempty"`
// SourceSystem - Possible values include: 'SourceSystemAzureAppLocker', 'SourceSystemAzureAuditD', 'SourceSystemNonAzureAppLocker', 'SourceSystemNonAzureAuditD', 'SourceSystemNone'
SourceSystem SourceSystem `json:"sourceSystem,omitempty"`
VMRecommendations *[]VMRecommendation `json:"vmRecommendations,omitempty"`
PathRecommendations *[]PathRecommendation `json:"pathRecommendations,omitempty"`
}
// AppWhitelistingGroups represents a list of VM/server groups and set of rules that are Recommended by
// Azure Security Center to be allowed
type AppWhitelistingGroups struct {
autorest.Response `json:"-"`
Value *[]AppWhitelistingGroup `json:"value,omitempty"`
}
// AppWhitelistingIssueSummary represents a summary of the alerts of the VM/server group
type AppWhitelistingIssueSummary struct {
// Issue - Possible values include: 'ViolationsAudited', 'ViolationsBlocked', 'MsiAndScriptViolationsAudited', 'MsiAndScriptViolationsBlocked', 'ExecutableViolationsAudited', 'RulesViolatedManually'
Issue Issue `json:"issue,omitempty"`
// NumberOfVms - The number of machines in the VM/server group that have this alert
NumberOfVms *float64 `json:"numberOfVms,omitempty"`
}
// AppWhitelistingPutGroupData the altered data of the recommended VM/server group policy
type AppWhitelistingPutGroupData struct {
// EnforcementMode - The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode. Possible values include: 'EnforcementMode1Audit', 'EnforcementMode1Enforce', 'EnforcementMode1None'
EnforcementMode EnforcementMode1 `json:"enforcementMode,omitempty"`
// ProtectionMode - The protection mode of the group per collection type. Can also be defined for all collection types by using EnforcementMode
ProtectionMode *ProtectionMode `json:"protectionMode,omitempty"`
VMRecommendations *[]VMRecommendation `json:"vmRecommendations,omitempty"`
PathRecommendations *[]PathRecommendation `json:"pathRecommendations,omitempty"`
}
// AscLocation the ASC location of the subscription is in the "name" field
type AscLocation struct {
autorest.Response `json:"-"`
Properties interface{} `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// AscLocationList list of locations where ASC saves your data
type AscLocationList struct {
autorest.Response `json:"-"`
// Value - READ-ONLY
Value *[]AscLocation `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// AscLocationListIterator provides access to a complete listing of AscLocation values.
type AscLocationListIterator struct {
i int
page AscLocationListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *AscLocationListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AscLocationListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *AscLocationListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter AscLocationListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter AscLocationListIterator) Response() AscLocationList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter AscLocationListIterator) Value() AscLocation {
if !iter.page.NotDone() {
return AscLocation{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the AscLocationListIterator type.
func NewAscLocationListIterator(page AscLocationListPage) AscLocationListIterator {
return AscLocationListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (all AscLocationList) IsEmpty() bool {
return all.Value == nil || len(*all.Value) == 0
}
// ascLocationListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (all AscLocationList) ascLocationListPreparer(ctx context.Context) (*http.Request, error) {
if all.NextLink == nil || len(to.String(all.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(all.NextLink)))
}
// AscLocationListPage contains a page of AscLocation values.
type AscLocationListPage struct {
fn func(context.Context, AscLocationList) (AscLocationList, error)
all AscLocationList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *AscLocationListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AscLocationListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.all)
if err != nil {
return err
}
page.all = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *AscLocationListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page AscLocationListPage) NotDone() bool {
return !page.all.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page AscLocationListPage) Response() AscLocationList {
return page.all
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page AscLocationListPage) Values() []AscLocation {
if page.all.IsEmpty() {
return nil
}
return *page.all.Value
}
// Creates a new instance of the AscLocationListPage type.
func NewAscLocationListPage(getNextPage func(context.Context, AscLocationList) (AscLocationList, error)) AscLocationListPage {
return AscLocationListPage{fn: getNextPage}
}
// AtaExternalSecuritySolution represents an ATA security solution which sends logs to an OMS workspace
type AtaExternalSecuritySolution struct {
Properties *AtaSolutionProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
// Location - READ-ONLY; Location where the resource is stored
Location *string `json:"location,omitempty"`
// Kind - Possible values include: 'KindExternalSecuritySolution', 'KindCEF', 'KindATA', 'KindAAD'
Kind KindEnum `json:"kind,omitempty"`
}
// MarshalJSON is the custom marshaler for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) MarshalJSON() ([]byte, error) {
aess.Kind = KindATA
objectMap := make(map[string]interface{})
if aess.Properties != nil {
objectMap["properties"] = aess.Properties
}
if aess.Kind != "" {
objectMap["kind"] = aess.Kind
}
return json.Marshal(objectMap)
}
// AsCefExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) AsCefExternalSecuritySolution() (*CefExternalSecuritySolution, bool) {
return nil, false
}
// AsAtaExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) AsAtaExternalSecuritySolution() (*AtaExternalSecuritySolution, bool) {
return &aess, true
}
// AsAadExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) AsAadExternalSecuritySolution() (*AadExternalSecuritySolution, bool) {
return nil, false
}
// AsExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) AsExternalSecuritySolution() (*ExternalSecuritySolution, bool) {
return nil, false
}
// AsBasicExternalSecuritySolution is the BasicExternalSecuritySolution implementation for AtaExternalSecuritySolution.
func (aess AtaExternalSecuritySolution) AsBasicExternalSecuritySolution() (BasicExternalSecuritySolution, bool) {
return &aess, true
}
// AtaSolutionProperties ...
type AtaSolutionProperties struct {
LastEventReceived *string `json:"lastEventReceived,omitempty"`
// AdditionalProperties - Unmatched properties from the message are deserialized this collection
AdditionalProperties map[string]interface{} `json:""`
DeviceVendor *string `json:"deviceVendor,omitempty"`
DeviceType *string `json:"deviceType,omitempty"`
Workspace *ConnectedWorkspace `json:"workspace,omitempty"`
}
// MarshalJSON is the custom marshaler for AtaSolutionProperties.
func (asp AtaSolutionProperties) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if asp.LastEventReceived != nil {
objectMap["lastEventReceived"] = asp.LastEventReceived
}
if asp.DeviceVendor != nil {
objectMap["deviceVendor"] = asp.DeviceVendor
}
if asp.DeviceType != nil {
objectMap["deviceType"] = asp.DeviceType
}
if asp.Workspace != nil {
objectMap["workspace"] = asp.Workspace
}
for k, v := range asp.AdditionalProperties {
objectMap[k] = v
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AtaSolutionProperties struct.
func (asp *AtaSolutionProperties) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "lastEventReceived":
if v != nil {
var lastEventReceived string
err = json.Unmarshal(*v, &lastEventReceived)
if err != nil {
return err
}
asp.LastEventReceived = &lastEventReceived
}
default:
if v != nil {
var additionalProperties interface{}
err = json.Unmarshal(*v, &additionalProperties)
if err != nil {
return err
}
if asp.AdditionalProperties == nil {
asp.AdditionalProperties = make(map[string]interface{})
}
asp.AdditionalProperties[k] = additionalProperties
}
case "deviceVendor":
if v != nil {
var deviceVendor string
err = json.Unmarshal(*v, &deviceVendor)
if err != nil {
return err
}
asp.DeviceVendor = &deviceVendor
}
case "deviceType":
if v != nil {
var deviceType string
err = json.Unmarshal(*v, &deviceType)
if err != nil {
return err
}
asp.DeviceType = &deviceType
}
case "workspace":
if v != nil {
var workspace ConnectedWorkspace
err = json.Unmarshal(*v, &workspace)
if err != nil {
return err
}
asp.Workspace = &workspace
}
}
}
return nil
}
// AutoProvisioningSetting auto provisioning setting
type AutoProvisioningSetting struct {
autorest.Response `json:"-"`
// AutoProvisioningSettingProperties - Auto provisioning setting data
*AutoProvisioningSettingProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for AutoProvisioningSetting.
func (aps AutoProvisioningSetting) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if aps.AutoProvisioningSettingProperties != nil {
objectMap["properties"] = aps.AutoProvisioningSettingProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for AutoProvisioningSetting struct.
func (aps *AutoProvisioningSetting) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var autoProvisioningSettingProperties AutoProvisioningSettingProperties
err = json.Unmarshal(*v, &autoProvisioningSettingProperties)
if err != nil {
return err
}
aps.AutoProvisioningSettingProperties = &autoProvisioningSettingProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
aps.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
aps.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
aps.Type = &typeVar
}
}
}
return nil
}
// AutoProvisioningSettingList list of all the auto provisioning settings response
type AutoProvisioningSettingList struct {
autorest.Response `json:"-"`
// Value - List of all the auto provisioning settings
Value *[]AutoProvisioningSetting `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// AutoProvisioningSettingListIterator provides access to a complete listing of AutoProvisioningSetting
// values.
type AutoProvisioningSettingListIterator struct {
i int
page AutoProvisioningSettingListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *AutoProvisioningSettingListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AutoProvisioningSettingListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *AutoProvisioningSettingListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter AutoProvisioningSettingListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter AutoProvisioningSettingListIterator) Response() AutoProvisioningSettingList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter AutoProvisioningSettingListIterator) Value() AutoProvisioningSetting {
if !iter.page.NotDone() {
return AutoProvisioningSetting{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the AutoProvisioningSettingListIterator type.
func NewAutoProvisioningSettingListIterator(page AutoProvisioningSettingListPage) AutoProvisioningSettingListIterator {
return AutoProvisioningSettingListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (apsl AutoProvisioningSettingList) IsEmpty() bool {
return apsl.Value == nil || len(*apsl.Value) == 0
}
// autoProvisioningSettingListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (apsl AutoProvisioningSettingList) autoProvisioningSettingListPreparer(ctx context.Context) (*http.Request, error) {
if apsl.NextLink == nil || len(to.String(apsl.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(apsl.NextLink)))
}
// AutoProvisioningSettingListPage contains a page of AutoProvisioningSetting values.
type AutoProvisioningSettingListPage struct {
fn func(context.Context, AutoProvisioningSettingList) (AutoProvisioningSettingList, error)
apsl AutoProvisioningSettingList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *AutoProvisioningSettingListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/AutoProvisioningSettingListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.apsl)
if err != nil {
return err
}
page.apsl = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *AutoProvisioningSettingListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page AutoProvisioningSettingListPage) NotDone() bool {
return !page.apsl.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page AutoProvisioningSettingListPage) Response() AutoProvisioningSettingList {
return page.apsl
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page AutoProvisioningSettingListPage) Values() []AutoProvisioningSetting {
if page.apsl.IsEmpty() {
return nil
}
return *page.apsl.Value
}
// Creates a new instance of the AutoProvisioningSettingListPage type.
func NewAutoProvisioningSettingListPage(getNextPage func(context.Context, AutoProvisioningSettingList) (AutoProvisioningSettingList, error)) AutoProvisioningSettingListPage {
return AutoProvisioningSettingListPage{fn: getNextPage}
}
// AutoProvisioningSettingProperties describes properties of an auto provisioning setting
type AutoProvisioningSettingProperties struct {
// AutoProvision - Describes what kind of security agent provisioning action to take. Possible values include: 'AutoProvisionOn', 'AutoProvisionOff'
AutoProvision AutoProvision `json:"autoProvision,omitempty"`
}
// AwsResourceDetails details of the resource that was assessed
type AwsResourceDetails struct {
// AccountID - READ-ONLY; AWS account ID
AccountID *string `json:"accountId,omitempty"`
// AwsResourceID - READ-ONLY; AWS resource ID. can be ARN or other
AwsResourceID *string `json:"awsResourceId,omitempty"`
// Source - Possible values include: 'SourceResourceDetails', 'SourceAzure', 'SourceAws'
Source Source `json:"source,omitempty"`
}
// MarshalJSON is the custom marshaler for AwsResourceDetails.
func (ard AwsResourceDetails) MarshalJSON() ([]byte, error) {
ard.Source = SourceAws
objectMap := make(map[string]interface{})
if ard.Source != "" {
objectMap["source"] = ard.Source
}
return json.Marshal(objectMap)
}
// AsAzureResourceDetails is the BasicResourceDetails implementation for AwsResourceDetails.
func (ard AwsResourceDetails) AsAzureResourceDetails() (*AzureResourceDetails, bool) {
return nil, false
}
// AsAwsResourceDetails is the BasicResourceDetails implementation for AwsResourceDetails.
func (ard AwsResourceDetails) AsAwsResourceDetails() (*AwsResourceDetails, bool) {
return &ard, true
}
// AsResourceDetails is the BasicResourceDetails implementation for AwsResourceDetails.
func (ard AwsResourceDetails) AsResourceDetails() (*ResourceDetails, bool) {
return nil, false
}
// AsBasicResourceDetails is the BasicResourceDetails implementation for AwsResourceDetails.
func (ard AwsResourceDetails) AsBasicResourceDetails() (BasicResourceDetails, bool) {
return &ard, true
}
// AzureResourceDetails details of the resource that was assessed
type AzureResourceDetails struct {
// ID - READ-ONLY; Azure resource ID of the assessed resource
ID *string `json:"id,omitempty"`
// Source - Possible values include: 'SourceResourceDetails', 'SourceAzure', 'SourceAws'
Source Source `json:"source,omitempty"`
}
// MarshalJSON is the custom marshaler for AzureResourceDetails.
func (ard AzureResourceDetails) MarshalJSON() ([]byte, error) {
ard.Source = SourceAzure
objectMap := make(map[string]interface{})
if ard.Source != "" {
objectMap["source"] = ard.Source
}
return json.Marshal(objectMap)
}
// AsAzureResourceDetails is the BasicResourceDetails implementation for AzureResourceDetails.
func (ard AzureResourceDetails) AsAzureResourceDetails() (*AzureResourceDetails, bool) {
return &ard, true
}
// AsAwsResourceDetails is the BasicResourceDetails implementation for AzureResourceDetails.
func (ard AzureResourceDetails) AsAwsResourceDetails() (*AwsResourceDetails, bool) {
return nil, false
}
// AsResourceDetails is the BasicResourceDetails implementation for AzureResourceDetails.
func (ard AzureResourceDetails) AsResourceDetails() (*ResourceDetails, bool) {
return nil, false
}
// AsBasicResourceDetails is the BasicResourceDetails implementation for AzureResourceDetails.
func (ard AzureResourceDetails) AsBasicResourceDetails() (BasicResourceDetails, bool) {
return &ard, true
}
// CefExternalSecuritySolution represents a security solution which sends CEF logs to an OMS workspace
type CefExternalSecuritySolution struct {
Properties *CefSolutionProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
// Location - READ-ONLY; Location where the resource is stored
Location *string `json:"location,omitempty"`
// Kind - Possible values include: 'KindExternalSecuritySolution', 'KindCEF', 'KindATA', 'KindAAD'
Kind KindEnum `json:"kind,omitempty"`
}
// MarshalJSON is the custom marshaler for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) MarshalJSON() ([]byte, error) {
cess.Kind = KindCEF
objectMap := make(map[string]interface{})
if cess.Properties != nil {
objectMap["properties"] = cess.Properties
}
if cess.Kind != "" {
objectMap["kind"] = cess.Kind
}
return json.Marshal(objectMap)
}
// AsCefExternalSecuritySolution is the BasicExternalSecuritySolution implementation for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) AsCefExternalSecuritySolution() (*CefExternalSecuritySolution, bool) {
return &cess, true
}
// AsAtaExternalSecuritySolution is the BasicExternalSecuritySolution implementation for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) AsAtaExternalSecuritySolution() (*AtaExternalSecuritySolution, bool) {
return nil, false
}
// AsAadExternalSecuritySolution is the BasicExternalSecuritySolution implementation for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) AsAadExternalSecuritySolution() (*AadExternalSecuritySolution, bool) {
return nil, false
}
// AsExternalSecuritySolution is the BasicExternalSecuritySolution implementation for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) AsExternalSecuritySolution() (*ExternalSecuritySolution, bool) {
return nil, false
}
// AsBasicExternalSecuritySolution is the BasicExternalSecuritySolution implementation for CefExternalSecuritySolution.
func (cess CefExternalSecuritySolution) AsBasicExternalSecuritySolution() (BasicExternalSecuritySolution, bool) {
return &cess, true
}
// CefSolutionProperties ...
type CefSolutionProperties struct {
Hostname *string `json:"hostname,omitempty"`
Agent *string `json:"agent,omitempty"`
LastEventReceived *string `json:"lastEventReceived,omitempty"`
// AdditionalProperties - Unmatched properties from the message are deserialized this collection
AdditionalProperties map[string]interface{} `json:""`
DeviceVendor *string `json:"deviceVendor,omitempty"`
DeviceType *string `json:"deviceType,omitempty"`
Workspace *ConnectedWorkspace `json:"workspace,omitempty"`
}
// MarshalJSON is the custom marshaler for CefSolutionProperties.
func (csp CefSolutionProperties) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if csp.Hostname != nil {
objectMap["hostname"] = csp.Hostname
}
if csp.Agent != nil {
objectMap["agent"] = csp.Agent
}
if csp.LastEventReceived != nil {
objectMap["lastEventReceived"] = csp.LastEventReceived
}
if csp.DeviceVendor != nil {
objectMap["deviceVendor"] = csp.DeviceVendor
}
if csp.DeviceType != nil {
objectMap["deviceType"] = csp.DeviceType
}
if csp.Workspace != nil {
objectMap["workspace"] = csp.Workspace
}
for k, v := range csp.AdditionalProperties {
objectMap[k] = v
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for CefSolutionProperties struct.
func (csp *CefSolutionProperties) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "hostname":
if v != nil {
var hostname string
err = json.Unmarshal(*v, &hostname)
if err != nil {
return err
}
csp.Hostname = &hostname
}
case "agent":
if v != nil {
var agent string
err = json.Unmarshal(*v, &agent)
if err != nil {
return err
}
csp.Agent = &agent
}
case "lastEventReceived":
if v != nil {
var lastEventReceived string
err = json.Unmarshal(*v, &lastEventReceived)
if err != nil {
return err
}
csp.LastEventReceived = &lastEventReceived
}
default:
if v != nil {
var additionalProperties interface{}
err = json.Unmarshal(*v, &additionalProperties)
if err != nil {
return err
}
if csp.AdditionalProperties == nil {
csp.AdditionalProperties = make(map[string]interface{})
}
csp.AdditionalProperties[k] = additionalProperties
}
case "deviceVendor":
if v != nil {
var deviceVendor string
err = json.Unmarshal(*v, &deviceVendor)
if err != nil {
return err
}
csp.DeviceVendor = &deviceVendor
}
case "deviceType":
if v != nil {
var deviceType string
err = json.Unmarshal(*v, &deviceType)
if err != nil {
return err
}
csp.DeviceType = &deviceType
}
case "workspace":
if v != nil {
var workspace ConnectedWorkspace
err = json.Unmarshal(*v, &workspace)
if err != nil {
return err
}
csp.Workspace = &workspace
}
}
}
return nil
}
// CloudError error response structure.
type CloudError struct {
// CloudErrorBody - Error data
*CloudErrorBody `json:"error,omitempty"`
}
// MarshalJSON is the custom marshaler for CloudError.
func (ce CloudError) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if ce.CloudErrorBody != nil {
objectMap["error"] = ce.CloudErrorBody
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for CloudError struct.
func (ce *CloudError) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "error":
if v != nil {
var cloudErrorBody CloudErrorBody
err = json.Unmarshal(*v, &cloudErrorBody)
if err != nil {
return err
}
ce.CloudErrorBody = &cloudErrorBody
}
}
}
return nil
}
// CloudErrorBody error details.
type CloudErrorBody struct {
// Code - READ-ONLY; An identifier for the error. Codes are invariant and are intended to be consumed programmatically.
Code *string `json:"code,omitempty"`
// Message - READ-ONLY; A message describing the error, intended to be suitable for display in a user interface.
Message *string `json:"message,omitempty"`
}
// Compliance compliance of a scope
type Compliance struct {
autorest.Response `json:"-"`
// ComplianceProperties - Compliance data
*ComplianceProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for Compliance.
func (c Compliance) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if c.ComplianceProperties != nil {
objectMap["properties"] = c.ComplianceProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for Compliance struct.
func (c *Compliance) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var complianceProperties ComplianceProperties
err = json.Unmarshal(*v, &complianceProperties)
if err != nil {
return err
}
c.ComplianceProperties = &complianceProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
c.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
c.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
c.Type = &typeVar
}
}
}
return nil
}
// ComplianceList list of Compliance objects response
type ComplianceList struct {
autorest.Response `json:"-"`
// Value - List of Compliance objects
Value *[]Compliance `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// ComplianceListIterator provides access to a complete listing of Compliance values.
type ComplianceListIterator struct {
i int
page ComplianceListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *ComplianceListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/ComplianceListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *ComplianceListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter ComplianceListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter ComplianceListIterator) Response() ComplianceList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter ComplianceListIterator) Value() Compliance {
if !iter.page.NotDone() {
return Compliance{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the ComplianceListIterator type.
func NewComplianceListIterator(page ComplianceListPage) ComplianceListIterator {
return ComplianceListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (cl ComplianceList) IsEmpty() bool {
return cl.Value == nil || len(*cl.Value) == 0
}
// complianceListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (cl ComplianceList) complianceListPreparer(ctx context.Context) (*http.Request, error) {
if cl.NextLink == nil || len(to.String(cl.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(cl.NextLink)))
}
// ComplianceListPage contains a page of Compliance values.
type ComplianceListPage struct {
fn func(context.Context, ComplianceList) (ComplianceList, error)
cl ComplianceList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *ComplianceListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/ComplianceListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.cl)
if err != nil {
return err
}
page.cl = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *ComplianceListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page ComplianceListPage) NotDone() bool {
return !page.cl.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page ComplianceListPage) Response() ComplianceList {
return page.cl
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page ComplianceListPage) Values() []Compliance {
if page.cl.IsEmpty() {
return nil
}
return *page.cl.Value
}
// Creates a new instance of the ComplianceListPage type.
func NewComplianceListPage(getNextPage func(context.Context, ComplianceList) (ComplianceList, error)) ComplianceListPage {
return ComplianceListPage{fn: getNextPage}
}
// ComplianceProperties the Compliance score (percentage) of a Subscription is a sum of all Resources'
// Compliances under the given Subscription. A Resource Compliance is defined as the compliant ('healthy')
// Policy Definitions out of all Policy Definitions applicable to a given resource.
type ComplianceProperties struct {
// AssessmentTimestampUtcDate - READ-ONLY; The timestamp when the Compliance calculation was conducted.
AssessmentTimestampUtcDate *date.Time `json:"assessmentTimestampUtcDate,omitempty"`
// ResourceCount - READ-ONLY; The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation).
ResourceCount *int32 `json:"resourceCount,omitempty"`
// AssessmentResult - READ-ONLY; An array of segment, which is the actually the compliance assessment.
AssessmentResult *[]ComplianceSegment `json:"assessmentResult,omitempty"`
}
// ComplianceSegment a segment of a compliance assessment.
type ComplianceSegment struct {
// SegmentType - READ-ONLY; The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc.
SegmentType *string `json:"segmentType,omitempty"`
// Percentage - READ-ONLY; The size (%) of the segment.
Percentage *float64 `json:"percentage,omitempty"`
}
// ConnectableResource describes the allowed inbound and outbound traffic of an Azure resource
type ConnectableResource struct {
// ID - READ-ONLY; The Azure resource id
ID *string `json:"id,omitempty"`
// InboundConnectedResources - READ-ONLY; The list of Azure resources that the resource has inbound allowed connection from
InboundConnectedResources *[]ConnectedResource `json:"inboundConnectedResources,omitempty"`
// OutboundConnectedResources - READ-ONLY; The list of Azure resources that the resource has outbound allowed connection to
OutboundConnectedResources *[]ConnectedResource `json:"outboundConnectedResources,omitempty"`
}
// ConnectedResource describes properties of a connected resource
type ConnectedResource struct {
// ConnectedResourceID - READ-ONLY; The Azure resource id of the connected resource
ConnectedResourceID *string `json:"connectedResourceId,omitempty"`
// TCPPorts - READ-ONLY; The allowed tcp ports
TCPPorts *string `json:"tcpPorts,omitempty"`
// UDPPorts - READ-ONLY; The allowed udp ports
UDPPorts *string `json:"udpPorts,omitempty"`
}
// ConnectedWorkspace ...
type ConnectedWorkspace struct {
// ID - Azure resource ID of the connected OMS workspace
ID *string `json:"id,omitempty"`
}
// Contact contact details for security issues
type Contact struct {
autorest.Response `json:"-"`
// ContactProperties - Security contact data
*ContactProperties `json:"properties,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for Contact.
func (c Contact) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if c.ContactProperties != nil {
objectMap["properties"] = c.ContactProperties
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for Contact struct.
func (c *Contact) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var contactProperties ContactProperties
err = json.Unmarshal(*v, &contactProperties)
if err != nil {
return err
}
c.ContactProperties = &contactProperties
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
c.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
c.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
c.Type = &typeVar
}
}
}
return nil
}
// ContactList list of security contacts response
type ContactList struct {
autorest.Response `json:"-"`
// Value - READ-ONLY; List of security contacts
Value *[]Contact `json:"value,omitempty"`
// NextLink - READ-ONLY; The URI to fetch the next page.
NextLink *string `json:"nextLink,omitempty"`
}
// ContactListIterator provides access to a complete listing of Contact values.
type ContactListIterator struct {
i int
page ContactListPage
}
// NextWithContext advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
func (iter *ContactListIterator) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/ContactListIterator.NextWithContext")
defer func() {
sc := -1
if iter.Response().Response.Response != nil {
sc = iter.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
iter.i++
if iter.i < len(iter.page.Values()) {
return nil
}
err = iter.page.NextWithContext(ctx)
if err != nil {
iter.i--
return err
}
iter.i = 0
return nil
}
// Next advances to the next value. If there was an error making
// the request the iterator does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (iter *ContactListIterator) Next() error {
return iter.NextWithContext(context.Background())
}
// NotDone returns true if the enumeration should be started or is not yet complete.
func (iter ContactListIterator) NotDone() bool {
return iter.page.NotDone() && iter.i < len(iter.page.Values())
}
// Response returns the raw server response from the last page request.
func (iter ContactListIterator) Response() ContactList {
return iter.page.Response()
}
// Value returns the current value or a zero-initialized value if the
// iterator has advanced beyond the end of the collection.
func (iter ContactListIterator) Value() Contact {
if !iter.page.NotDone() {
return Contact{}
}
return iter.page.Values()[iter.i]
}
// Creates a new instance of the ContactListIterator type.
func NewContactListIterator(page ContactListPage) ContactListIterator {
return ContactListIterator{page: page}
}
// IsEmpty returns true if the ListResult contains no values.
func (cl ContactList) IsEmpty() bool {
return cl.Value == nil || len(*cl.Value) == 0
}
// contactListPreparer prepares a request to retrieve the next set of results.
// It returns nil if no more results exist.
func (cl ContactList) contactListPreparer(ctx context.Context) (*http.Request, error) {
if cl.NextLink == nil || len(to.String(cl.NextLink)) < 1 {
return nil, nil
}
return autorest.Prepare((&http.Request{}).WithContext(ctx),
autorest.AsJSON(),
autorest.AsGet(),
autorest.WithBaseURL(to.String(cl.NextLink)))
}
// ContactListPage contains a page of Contact values.
type ContactListPage struct {
fn func(context.Context, ContactList) (ContactList, error)
cl ContactList
}
// NextWithContext advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
func (page *ContactListPage) NextWithContext(ctx context.Context) (err error) {
if tracing.IsEnabled() {
ctx = tracing.StartSpan(ctx, fqdn+"/ContactListPage.NextWithContext")
defer func() {
sc := -1
if page.Response().Response.Response != nil {
sc = page.Response().Response.Response.StatusCode
}
tracing.EndSpan(ctx, sc, err)
}()
}
next, err := page.fn(ctx, page.cl)
if err != nil {
return err
}
page.cl = next
return nil
}
// Next advances to the next page of values. If there was an error making
// the request the page does not advance and the error is returned.
// Deprecated: Use NextWithContext() instead.
func (page *ContactListPage) Next() error {
return page.NextWithContext(context.Background())
}
// NotDone returns true if the page enumeration should be started or is not yet complete.
func (page ContactListPage) NotDone() bool {
return !page.cl.IsEmpty()
}
// Response returns the raw server response from the last page request.
func (page ContactListPage) Response() ContactList {
return page.cl
}
// Values returns the slice of values for the current page or nil if there are no values.
func (page ContactListPage) Values() []Contact {
if page.cl.IsEmpty() {
return nil
}
return *page.cl.Value
}
// Creates a new instance of the ContactListPage type.
func NewContactListPage(getNextPage func(context.Context, ContactList) (ContactList, error)) ContactListPage {
return ContactListPage{fn: getNextPage}
}
// ContactProperties describes security contact properties
type ContactProperties struct {
// Email - The email of this security contact
Email *string `json:"email,omitempty"`
// Phone - The phone number of this security contact
Phone *string `json:"phone,omitempty"`
// AlertNotifications - Whether to send security alerts notifications to the security contact. Possible values include: 'On', 'Off'
AlertNotifications AlertNotifications `json:"alertNotifications,omitempty"`
// AlertsToAdmins - Whether to send security alerts notifications to subscription admins. Possible values include: 'AlertsToAdminsOn', 'AlertsToAdminsOff'
AlertsToAdmins AlertsToAdmins `json:"alertsToAdmins,omitempty"`
}
// ContainerRegistryVulnerabilityProperties additional context fields for container registry Vulnerability
// assessment
type ContainerRegistryVulnerabilityProperties struct {
// Type - READ-ONLY; Vulnerability Type. e.g: Vulnerability, Potential Vulnerability, Information Gathered, Vulnerability
Type *string `json:"type,omitempty"`
// Cvss - READ-ONLY; Dictionary from cvss version to cvss details object
Cvss map[string]*CVSS `json:"cvss"`
// Patchable - READ-ONLY; Indicates whether a patch is available or not
Patchable *bool `json:"patchable,omitempty"`
// Cve - READ-ONLY; List of CVEs
Cve *[]CVE `json:"cve,omitempty"`
// PublishedTime - READ-ONLY; Published time
PublishedTime *date.Time `json:"publishedTime,omitempty"`
// VendorReferences - READ-ONLY
VendorReferences *[]VendorReference `json:"vendorReferences,omitempty"`
// RepositoryName - READ-ONLY; Name of the repository which the vulnerable image belongs to
RepositoryName *string `json:"repositoryName,omitempty"`
// ImageDigest - READ-ONLY; Digest of the vulnerable image
ImageDigest *string `json:"imageDigest,omitempty"`
// AssessedResourceType - Possible values include: 'AssessedResourceTypeAdditionalData', 'AssessedResourceTypeSQLServerVulnerability', 'AssessedResourceTypeContainerRegistryVulnerability', 'AssessedResourceTypeServerVulnerabilityAssessment'
AssessedResourceType AssessedResourceType `json:"assessedResourceType,omitempty"`
}
// MarshalJSON is the custom marshaler for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) MarshalJSON() ([]byte, error) {
crvp.AssessedResourceType = AssessedResourceTypeContainerRegistryVulnerability
objectMap := make(map[string]interface{})
if crvp.AssessedResourceType != "" {
objectMap["assessedResourceType"] = crvp.AssessedResourceType
}
return json.Marshal(objectMap)
}
// AsSQLServerVulnerabilityProperties is the BasicAdditionalData implementation for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) AsSQLServerVulnerabilityProperties() (*SQLServerVulnerabilityProperties, bool) {
return nil, false
}
// AsContainerRegistryVulnerabilityProperties is the BasicAdditionalData implementation for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) AsContainerRegistryVulnerabilityProperties() (*ContainerRegistryVulnerabilityProperties, bool) {
return &crvp, true
}
// AsServerVulnerabilityProperties is the BasicAdditionalData implementation for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) AsServerVulnerabilityProperties() (*ServerVulnerabilityProperties, bool) {
return nil, false
}
// AsAdditionalData is the BasicAdditionalData implementation for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) AsAdditionalData() (*AdditionalData, bool) {
return nil, false
}
// AsBasicAdditionalData is the BasicAdditionalData implementation for ContainerRegistryVulnerabilityProperties.
func (crvp ContainerRegistryVulnerabilityProperties) AsBasicAdditionalData() (BasicAdditionalData, bool) {
return &crvp, true
}
// CustomAlertRule a custom alert rule
type CustomAlertRule struct {
// DisplayName - READ-ONLY; The display name of the custom alert.
DisplayName *string `json:"displayName,omitempty"`
// Description - READ-ONLY; The description of the custom alert.
Description *string `json:"description,omitempty"`
// IsEnabled - Whether the custom alert is enabled.
IsEnabled *bool `json:"isEnabled,omitempty"`
// RuleType - The type of the custom alert rule.
RuleType *string `json:"ruleType,omitempty"`
}
// CVE CVE details
type CVE struct {
// Title - READ-ONLY; CVE title
Title *string `json:"title,omitempty"`
// Link - READ-ONLY; Link url
Link *string `json:"link,omitempty"`
}
// CVSS CVSS details
type CVSS struct {
// Base - READ-ONLY; CVSS base
Base *float64 `json:"base,omitempty"`
}
// DataExportSetting represents a data export setting
type DataExportSetting struct {
// DataExportSettingProperties - Data export setting data
*DataExportSettingProperties `json:"properties,omitempty"`
// Kind - the kind of the settings string (DataExportSetting). Possible values include: 'SettingKindDataExportSetting', 'SettingKindAlertSuppressionSetting'
Kind SettingKind `json:"kind,omitempty"`
// ID - READ-ONLY; Resource Id
ID *string `json:"id,omitempty"`
// Name - READ-ONLY; Resource name
Name *string `json:"name,omitempty"`
// Type - READ-ONLY; Resource type
Type *string `json:"type,omitempty"`
}
// MarshalJSON is the custom marshaler for DataExportSetting.
func (desVar DataExportSetting) MarshalJSON() ([]byte, error) {
objectMap := make(map[string]interface{})
if desVar.DataExportSettingProperties != nil {
objectMap["properties"] = desVar.DataExportSettingProperties
}
if desVar.Kind != "" {
objectMap["kind"] = desVar.Kind
}
return json.Marshal(objectMap)
}
// UnmarshalJSON is the custom unmarshaler for DataExportSetting struct.
func (desVar *DataExportSetting) UnmarshalJSON(body []byte) error {
var m map[string]*json.RawMessage
err := json.Unmarshal(body, &m)
if err != nil {
return err
}
for k, v := range m {
switch k {
case "properties":
if v != nil {
var dataExportSettingProperties DataExportSettingProperties
err = json.Unmarshal(*v, &dataExportSettingProperties)
if err != nil {
return err
}
desVar.DataExportSettingProperties = &dataExportSettingProperties
}
case "kind":
if v != nil {
var kind SettingKind
err = json.Unmarshal(*v, &kind)
if err != nil {
return err
}
desVar.Kind = kind
}
case "id":
if v != nil {
var ID string
err = json.Unmarshal(*v, &ID)
if err != nil {
return err
}
desVar.ID = &ID
}
case "name":
if v != nil {
var name string
err = json.Unmarshal(*v, &name)
if err != nil {
return err
}
desVar.Name = &name
}
case "type":
if v != nil {
var typeVar string
err = json.Unmarshal(*v, &typeVar)
if err != nil {
return err
}
desVar.Type = &typeVar
}
}
}
return nil
}
// DataExportSettingProperties the data export setting properties
type DataExportSettingProperties struct {
// Enabled - Is the data export setting is enabled
Enabled *bool `json:"enabled,omitempty"`
}
// DenylistCustomAlertRule a custom alert rule that checks if a value (depends on the custom alert type) is
// denied
type DenylistCustomAlertRule struct {
// DenylistValues - The values to deny. The format of the values depends on the rule type.
DenylistValues *[]string `json:"denylistValues,omitempty"`
// ValueType - READ-ONLY; The value type of the items in the list. Possible values include: 'IPCidr', 'String'
ValueType ValueType `json:"valueType,omitempty"`
// DisplayName - READ-ONLY; The display name of the custom alert.
DisplayName *string `json:"displayName,omitempty"`
// Description - READ-ONLY; The description of the custom alert.
Description *string `json:"description,omitempty"`
// IsEnabled - Whether the custom alert is enabled.
IsEnabled *bool `json:"isEnabled,omitempty"`
// RuleType - The type of the custom alert rule.
RuleType *string `json:"ruleType,omitempty"`
}
// DeviceSecurityGroup the device security group resource