@azure/arm-security

import * as coreAuth from '@azure/core-auth'; import * as coreClient from '@azure/core-client'; import { PagedAsyncIterableIterator } from '@azure/core-paging'; import { PollerLike } from '@azure/core-lro'; import { PollOperationState } from '@azure/core-lro'; /** * Defines values for AadConnectivityState. \ * {@link KnownAadConnectivityState} can be used interchangeably with AadConnectivityState, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Discovered** \ * **NotLicensed** \ * **Connected** */ export declare type AadConnectivityState = string; /** Describes an Azure resource with kind */ export declare interface AadConnectivityStateAutoGenerated { /** The connectivity state of the external AAD solution */ connectivityState?: AadConnectivityState; } /** Represents an AAD identity protection solution which sends logs to an OMS workspace. */ export declare type AadExternalSecuritySolution = ExternalSecuritySolution & { /** The external security solution properties for AAD solutions */ properties?: AadSolutionProperties; }; /** The external security solution properties for AAD solutions */ export declare type AadSolutionProperties = ExternalSecuritySolutionProperties & AadConnectivityStateAutoGenerated & {}; /** * Defines values for ActionType. \ * {@link KnownActionType} can be used interchangeably with ActionType, * this enum contains the known values that the service supports. * ### Known values supported by the service * **LogicApp** \ * **EventHub** \ * **Workspace** */ export declare type ActionType = string; /** Number of active connections is not in allowed range. */ export declare type ActiveConnectionsNotInAllowedRange = TimeWindowCustomAlertRule & { /** Polymorphic discriminator, which specifies the different types this object can be */ ruleType: "ActiveConnectionsNotInAllowedRange"; }; export declare type AdaptiveApplicationControlGroup = Resource & Location_2 & { /** The application control policy enforcement/protection mode of the machine group */ enforcementMode?: EnforcementMode; /** The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux. */ protectionMode?: ProtectionMode; /** * The configuration status of the machines group or machine or rule * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly configurationStatus?: ConfigurationStatus; /** * The initial recommendation status of the machine group or machine * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly recommendationStatus?: RecommendationStatus; /** NOTE: This property will not be serialized. It can only be populated by the server. */ readonly issues?: AdaptiveApplicationControlIssueSummary[]; /** * The source type of the machine group * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly sourceSystem?: SourceSystem; vmRecommendations?: VmRecommendation[]; pathRecommendations?: PathRecommendation[]; }; /** Represents a list of machine groups and set of rules that are recommended by Azure Security Center to be allowed */ export declare interface AdaptiveApplicationControlGroups { value?: AdaptiveApplicationControlGroup[]; } /** * Defines values for AdaptiveApplicationControlIssue. \ * {@link KnownAdaptiveApplicationControlIssue} can be used interchangeably with AdaptiveApplicationControlIssue, * this enum contains the known values that the service supports. * ### Known values supported by the service * **ViolationsAudited** \ * **ViolationsBlocked** \ * **MsiAndScriptViolationsAudited** \ * **MsiAndScriptViolationsBlocked** \ * **ExecutableViolationsAudited** \ * **RulesViolatedManually** */ export declare type AdaptiveApplicationControlIssue = string; /** Represents a summary of the alerts of the machine group */ export declare interface AdaptiveApplicationControlIssueSummary { /** An alert that machines within a group can have */ issue?: AdaptiveApplicationControlIssue; /** The number of machines in the group that have this alert */ numberOfVms?: number; } /** Interface representing a AdaptiveApplicationControls. */ export declare interface AdaptiveApplicationControls { /** * Gets a list of application control machine groups for the subscription. * @param options The options parameters. */ list(options?: AdaptiveApplicationControlsListOptionalParams): Promise<AdaptiveApplicationControlsListResponse>; /** * Gets an application control VM/server group. * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param groupName Name of an application control machine group * @param options The options parameters. */ get(ascLocation: string, groupName: string, options?: AdaptiveApplicationControlsGetOptionalParams): Promise<AdaptiveApplicationControlsGetResponse>; /** * Update an application control machine group * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param groupName Name of an application control machine group * @param body * @param options The options parameters. */ put(ascLocation: string, groupName: string, body: AdaptiveApplicationControlGroup, options?: AdaptiveApplicationControlsPutOptionalParams): Promise<AdaptiveApplicationControlsPutResponse>; /** * Delete an application control machine group * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param groupName Name of an application control machine group * @param options The options parameters. */ delete(ascLocation: string, groupName: string, options?: AdaptiveApplicationControlsDeleteOptionalParams): Promise<void>; } /** Optional parameters. */ export declare interface AdaptiveApplicationControlsDeleteOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AdaptiveApplicationControlsGetOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the get operation. */ export declare type AdaptiveApplicationControlsGetResponse = AdaptiveApplicationControlGroup; /** Optional parameters. */ export declare interface AdaptiveApplicationControlsListOptionalParams extends coreClient.OperationOptions { /** Include the policy rules */ includePathRecommendations?: boolean; /** Return output in a summarized form */ summary?: boolean; } /** Contains response data for the list operation. */ export declare type AdaptiveApplicationControlsListResponse = AdaptiveApplicationControlGroups; /** Optional parameters. */ export declare interface AdaptiveApplicationControlsPutOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the put operation. */ export declare type AdaptiveApplicationControlsPutResponse = AdaptiveApplicationControlGroup; /** The resource whose properties describes the Adaptive Network Hardening settings for some Azure resource */ export declare type AdaptiveNetworkHardening = Resource & { /** The security rules which are recommended to be effective on the VM */ rules?: Rule[]; /** The UTC time on which the rules were calculated */ rulesCalculationTime?: Date; /** The Network Security Groups effective on the network interfaces of the protected resource */ effectiveNetworkSecurityGroups?: EffectiveNetworkSecurityGroups[]; }; export declare interface AdaptiveNetworkHardeningEnforceRequest { /** The rules to enforce */ rules: Rule[]; /** The Azure resource IDs of the effective network security groups that will be updated with the created security rules from the Adaptive Network Hardening rules */ networkSecurityGroups: string[]; } /** Interface representing a AdaptiveNetworkHardenings. */ export declare interface AdaptiveNetworkHardenings { /** * Gets a list of Adaptive Network Hardenings resources in scope of an extended resource. * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param resourceNamespace The Namespace of the resource. * @param resourceType The type of the resource. * @param resourceName Name of the resource. * @param options The options parameters. */ listByExtendedResource(resourceGroupName: string, resourceNamespace: string, resourceType: string, resourceName: string, options?: AdaptiveNetworkHardeningsListByExtendedResourceOptionalParams): PagedAsyncIterableIterator<AdaptiveNetworkHardening>; /** * Gets a single Adaptive Network Hardening resource * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param resourceNamespace The Namespace of the resource. * @param resourceType The type of the resource. * @param resourceName Name of the resource. * @param adaptiveNetworkHardeningResourceName The name of the Adaptive Network Hardening resource. * @param options The options parameters. */ get(resourceGroupName: string, resourceNamespace: string, resourceType: string, resourceName: string, adaptiveNetworkHardeningResourceName: string, options?: AdaptiveNetworkHardeningsGetOptionalParams): Promise<AdaptiveNetworkHardeningsGetResponse>; /** * Enforces the given rules on the NSG(s) listed in the request * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param resourceNamespace The Namespace of the resource. * @param resourceType The type of the resource. * @param resourceName Name of the resource. * @param adaptiveNetworkHardeningResourceName The name of the Adaptive Network Hardening resource. * @param body * @param options The options parameters. */ beginEnforce(resourceGroupName: string, resourceNamespace: string, resourceType: string, resourceName: string, adaptiveNetworkHardeningResourceName: string, body: AdaptiveNetworkHardeningEnforceRequest, options?: AdaptiveNetworkHardeningsEnforceOptionalParams): Promise<PollerLike<PollOperationState<void>, void>>; /** * Enforces the given rules on the NSG(s) listed in the request * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param resourceNamespace The Namespace of the resource. * @param resourceType The type of the resource. * @param resourceName Name of the resource. * @param adaptiveNetworkHardeningResourceName The name of the Adaptive Network Hardening resource. * @param body * @param options The options parameters. */ beginEnforceAndWait(resourceGroupName: string, resourceNamespace: string, resourceType: string, resourceName: string, adaptiveNetworkHardeningResourceName: string, body: AdaptiveNetworkHardeningEnforceRequest, options?: AdaptiveNetworkHardeningsEnforceOptionalParams): Promise<void>; } /** Optional parameters. */ export declare interface AdaptiveNetworkHardeningsEnforceOptionalParams extends coreClient.OperationOptions { /** Delay to wait until next poll, in milliseconds. */ updateIntervalInMs?: number; /** A serialized poller which can be used to resume an existing paused Long-Running-Operation. */ resumeFrom?: string; } /** Optional parameters. */ export declare interface AdaptiveNetworkHardeningsGetOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the get operation. */ export declare type AdaptiveNetworkHardeningsGetResponse = AdaptiveNetworkHardening; /** Response for ListAdaptiveNetworkHardenings API service call */ export declare interface AdaptiveNetworkHardeningsList { /** A list of Adaptive Network Hardenings resources */ value?: AdaptiveNetworkHardening[]; /** The URL to get the next set of results */ nextLink?: string; } /** Optional parameters. */ export declare interface AdaptiveNetworkHardeningsListByExtendedResourceNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByExtendedResourceNext operation. */ export declare type AdaptiveNetworkHardeningsListByExtendedResourceNextResponse = AdaptiveNetworkHardeningsList; /** Optional parameters. */ export declare interface AdaptiveNetworkHardeningsListByExtendedResourceOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByExtendedResource operation. */ export declare type AdaptiveNetworkHardeningsListByExtendedResourceResponse = AdaptiveNetworkHardeningsList; /** Details of the sub-assessment */ export declare interface AdditionalData { /** Polymorphic discriminator, which specifies the different types this object can be */ assessedResourceType: "SqlServerVulnerability" | "ContainerRegistryVulnerability" | "ServerVulnerabilityAssessment"; } export declare type AdditionalDataUnion = AdditionalData | SqlServerVulnerabilityProperties | ContainerRegistryVulnerabilityProperties | ServerVulnerabilityProperties; /** * Defines values for AdditionalWorkspaceDataType. \ * {@link KnownAdditionalWorkspaceDataType} can be used interchangeably with AdditionalWorkspaceDataType, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Alerts** \ * **RawEvents** */ export declare type AdditionalWorkspaceDataType = string; /** Properties of the additional workspaces. */ export declare interface AdditionalWorkspacesProperties { /** Workspace resource id */ workspace?: string; /** Workspace type. */ type?: AdditionalWorkspaceType; /** List of data types sent to workspace */ dataTypes?: AdditionalWorkspaceDataType[]; } /** * Defines values for AdditionalWorkspaceType. \ * {@link KnownAdditionalWorkspaceType} can be used interchangeably with AdditionalWorkspaceType, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Sentinel** */ export declare type AdditionalWorkspaceType = string; /** Interface representing a AdvancedThreatProtection. */ export declare interface AdvancedThreatProtection { /** * Gets the Advanced Threat Protection settings for the specified resource. * @param resourceId The identifier of the resource. * @param options The options parameters. */ get(resourceId: string, options?: AdvancedThreatProtectionGetOptionalParams): Promise<AdvancedThreatProtectionGetResponse>; /** * Creates or updates the Advanced Threat Protection settings on a specified resource. * @param resourceId The identifier of the resource. * @param advancedThreatProtectionSetting Advanced Threat Protection Settings * @param options The options parameters. */ create(resourceId: string, advancedThreatProtectionSetting: AdvancedThreatProtectionSetting, options?: AdvancedThreatProtectionCreateOptionalParams): Promise<AdvancedThreatProtectionCreateResponse>; } /** Optional parameters. */ export declare interface AdvancedThreatProtectionCreateOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the create operation. */ export declare type AdvancedThreatProtectionCreateResponse = AdvancedThreatProtectionSetting; /** Optional parameters. */ export declare interface AdvancedThreatProtectionGetOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the get operation. */ export declare type AdvancedThreatProtectionGetResponse = AdvancedThreatProtectionSetting; /** The Advanced Threat Protection resource. */ export declare type AdvancedThreatProtectionSetting = Resource & { /** Indicates whether Advanced Threat Protection is enabled. */ isEnabled?: boolean; }; /** Security alert */ export declare type Alert = Resource & { /** * Unique identifier for the detection logic (all alert instances from the same detection logic will have the same alertType). * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly alertType?: string; /** * Unique identifier for the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly systemAlertId?: string; /** * The name of Azure Security Center pricing tier which powering this alert. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly productComponentName?: string; /** * The display name of the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly alertDisplayName?: string; /** * Description of the suspicious activity that was detected. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly description?: string; /** * The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly severity?: AlertSeverity; /** * The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly intent?: Intent; /** * The UTC time of the first event or activity included in the alert in ISO8601 format. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly startTimeUtc?: Date; /** * The UTC time of the last event or activity included in the alert in ISO8601 format. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly endTimeUtc?: Date; /** * The resource identifiers that can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). There can be multiple identifiers of different type per alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly resourceIdentifiers?: ResourceIdentifierUnion[]; /** * Manual action items to take to remediate the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly remediationSteps?: string[]; /** * The name of the vendor that raises the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly vendorName?: string; /** * The life cycle status of the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly status?: AlertStatus; /** * Links related to the alert * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly extendedLinks?: { [propertyName: string]: string; }[]; /** * A direct link to the alert page in Azure Portal. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly alertUri?: string; /** * The UTC time the alert was generated in ISO8601 format. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly timeGeneratedUtc?: Date; /** * The name of the product which published this alert (Azure Security Center, Azure ATP, Microsoft Defender ATP, O365 ATP, MCAS, and so on). * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly productName?: string; /** * The UTC processing end time of the alert in ISO8601 format. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly processingEndTimeUtc?: Date; /** * A list of entities related to the alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly entities?: AlertEntity[]; /** * This field determines whether the alert is an incident (a compound grouping of several alerts) or a single alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly isIncident?: boolean; /** * Key for corelating related alerts. Alerts with the same correlation key considered to be related. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly correlationKey?: string; /** Custom properties for the alert. */ extendedProperties?: { [propertyName: string]: string; }; /** * The display name of the resource most related to this alert. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly compromisedEntity?: string; }; /** Changing set of properties depending on the entity type. */ export declare interface AlertEntity { /** Describes unknown properties. The value of an unknown property can be of "any" type. */ [property: string]: any; /** * Type of entity * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly type?: string; } /** List of security alerts */ export declare interface AlertList { /** describes security alert properties. */ value?: Alert[]; /** * The URI to fetch the next page. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly nextLink?: string; } /** * Defines values for AlertNotifications. \ * {@link KnownAlertNotifications} can be used interchangeably with AlertNotifications, * this enum contains the known values that the service supports. * ### Known values supported by the service * **On**: Get notifications on new alerts \ * **Off**: Don't get notifications on new alerts */ export declare type AlertNotifications = string; /** Interface representing a Alerts. */ export declare interface Alerts { /** * List all the alerts that are associated with the subscription * @param options The options parameters. */ list(options?: AlertsListOptionalParams): PagedAsyncIterableIterator<Alert>; /** * List all the alerts that are associated with the resource group * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ listByResourceGroup(resourceGroupName: string, options?: AlertsListByResourceGroupOptionalParams): PagedAsyncIterableIterator<Alert>; /** * List all the alerts that are associated with the subscription that are stored in a specific location * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param options The options parameters. */ listSubscriptionLevelByRegion(ascLocation: string, options?: AlertsListSubscriptionLevelByRegionOptionalParams): PagedAsyncIterableIterator<Alert>; /** * List all the alerts that are associated with the resource group that are stored in a specific * location * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ listResourceGroupLevelByRegion(ascLocation: string, resourceGroupName: string, options?: AlertsListResourceGroupLevelByRegionOptionalParams): PagedAsyncIterableIterator<Alert>; /** * Get an alert that is associated with a subscription * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param options The options parameters. */ getSubscriptionLevel(ascLocation: string, alertName: string, options?: AlertsGetSubscriptionLevelOptionalParams): Promise<AlertsGetSubscriptionLevelResponse>; /** * Get an alert that is associated a resource group or a resource in a resource group * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ getResourceGroupLevel(ascLocation: string, alertName: string, resourceGroupName: string, options?: AlertsGetResourceGroupLevelOptionalParams): Promise<AlertsGetResourceGroupLevelResponse>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param options The options parameters. */ updateSubscriptionLevelStateToDismiss(ascLocation: string, alertName: string, options?: AlertsUpdateSubscriptionLevelStateToDismissOptionalParams): Promise<void>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param options The options parameters. */ updateSubscriptionLevelStateToResolve(ascLocation: string, alertName: string, options?: AlertsUpdateSubscriptionLevelStateToResolveOptionalParams): Promise<void>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param options The options parameters. */ updateSubscriptionLevelStateToActivate(ascLocation: string, alertName: string, options?: AlertsUpdateSubscriptionLevelStateToActivateOptionalParams): Promise<void>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ updateResourceGroupLevelStateToResolve(ascLocation: string, alertName: string, resourceGroupName: string, options?: AlertsUpdateResourceGroupLevelStateToResolveOptionalParams): Promise<void>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ updateResourceGroupLevelStateToDismiss(ascLocation: string, alertName: string, resourceGroupName: string, options?: AlertsUpdateResourceGroupLevelStateToDismissOptionalParams): Promise<void>; /** * Update the alert's state * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertName Name of the alert object * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param options The options parameters. */ updateResourceGroupLevelStateToActivate(ascLocation: string, alertName: string, resourceGroupName: string, options?: AlertsUpdateResourceGroupLevelStateToActivateOptionalParams): Promise<void>; /** * Simulate security alerts * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param alertSimulatorRequestBody Alert Simulator Request Properties * @param options The options parameters. */ simulate(ascLocation: string, alertSimulatorRequestBody: AlertSimulatorRequestBody, options?: AlertsSimulateOptionalParams): Promise<void>; } /** * Defines values for AlertSeverity. \ * {@link KnownAlertSeverity} can be used interchangeably with AlertSeverity, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Informational**: Informational \ * **Low**: Low \ * **Medium**: Medium \ * **High**: High */ export declare type AlertSeverity = string; /** Optional parameters. */ export declare interface AlertsGetResourceGroupLevelOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the getResourceGroupLevel operation. */ export declare type AlertsGetResourceGroupLevelResponse = Alert; /** Optional parameters. */ export declare interface AlertsGetSubscriptionLevelOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the getSubscriptionLevel operation. */ export declare type AlertsGetSubscriptionLevelResponse = Alert; /** Simulate alerts according to this bundles. */ export declare type AlertSimulatorBundlesRequestProperties = AlertSimulatorRequestProperties & { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Bundles"; /** Bundles list. */ bundles?: BundleType[]; }; /** Alert Simulator request body. */ export declare interface AlertSimulatorRequestBody { /** Alert Simulator request body data. */ properties?: AlertSimulatorRequestPropertiesUnion; } /** Describes properties of an alert simulation request */ export declare interface AlertSimulatorRequestProperties { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "Bundles"; /** Describes unknown properties. The value of an unknown property can be of "any" type. */ [property: string]: any; } export declare type AlertSimulatorRequestPropertiesUnion = AlertSimulatorRequestProperties | AlertSimulatorBundlesRequestProperties; /** Optional parameters. */ export declare interface AlertsListByResourceGroupNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByResourceGroupNext operation. */ export declare type AlertsListByResourceGroupNextResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListByResourceGroupOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByResourceGroup operation. */ export declare type AlertsListByResourceGroupResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listNext operation. */ export declare type AlertsListNextResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsListResourceGroupLevelByRegionNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listResourceGroupLevelByRegionNext operation. */ export declare type AlertsListResourceGroupLevelByRegionNextResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListResourceGroupLevelByRegionOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listResourceGroupLevelByRegion operation. */ export declare type AlertsListResourceGroupLevelByRegionResponse = AlertList; /** Contains response data for the list operation. */ export declare type AlertsListResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListSubscriptionLevelByRegionNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listSubscriptionLevelByRegionNext operation. */ export declare type AlertsListSubscriptionLevelByRegionNextResponse = AlertList; /** Optional parameters. */ export declare interface AlertsListSubscriptionLevelByRegionOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listSubscriptionLevelByRegion operation. */ export declare type AlertsListSubscriptionLevelByRegionResponse = AlertList; /** Optional parameters. */ export declare interface AlertsSimulateOptionalParams extends coreClient.OperationOptions { } /** Describes the suppression rule */ export declare type AlertsSuppressionRule = Resource & { /** Type of the alert to automatically suppress. For all alert types, use '*' */ alertType?: string; /** * The last time this rule was modified * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedUtc?: Date; /** Expiration date of the rule, if value is not provided or provided as null this field will default to the maximum allowed expiration date. */ expirationDateUtc?: Date; /** The reason for dismissing the alert */ reason?: string; /** Possible states of the rule */ state?: RuleState; /** Any comment regarding the rule */ comment?: string; /** The suppression conditions */ suppressionAlertsScope?: SuppressionAlertsScope; }; /** Interface representing a AlertsSuppressionRules. */ export declare interface AlertsSuppressionRules { /** * List of all the dismiss rules for the given subscription * @param options The options parameters. */ list(options?: AlertsSuppressionRulesListOptionalParams): PagedAsyncIterableIterator<AlertsSuppressionRule>; /** * Get dismiss rule, with name: {alertsSuppressionRuleName}, for the given subscription * @param alertsSuppressionRuleName The unique name of the suppression alert rule * @param options The options parameters. */ get(alertsSuppressionRuleName: string, options?: AlertsSuppressionRulesGetOptionalParams): Promise<AlertsSuppressionRulesGetResponse>; /** * Update existing rule or create new rule if it doesn't exist * @param alertsSuppressionRuleName The unique name of the suppression alert rule * @param alertsSuppressionRule Suppression rule object * @param options The options parameters. */ update(alertsSuppressionRuleName: string, alertsSuppressionRule: AlertsSuppressionRule, options?: AlertsSuppressionRulesUpdateOptionalParams): Promise<AlertsSuppressionRulesUpdateResponse>; /** * Delete dismiss alert rule for this subscription. * @param alertsSuppressionRuleName The unique name of the suppression alert rule * @param options The options parameters. */ delete(alertsSuppressionRuleName: string, options?: AlertsSuppressionRulesDeleteOptionalParams): Promise<void>; } /** Optional parameters. */ export declare interface AlertsSuppressionRulesDeleteOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsSuppressionRulesGetOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the get operation. */ export declare type AlertsSuppressionRulesGetResponse = AlertsSuppressionRule; /** Suppression rules list for subscription. */ export declare interface AlertsSuppressionRulesList { value: AlertsSuppressionRule[]; /** * URI to fetch the next page. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly nextLink?: string; } /** Optional parameters. */ export declare interface AlertsSuppressionRulesListNextOptionalParams extends coreClient.OperationOptions { /** Type of the alert to get rules for */ alertType?: string; } /** Contains response data for the listNext operation. */ export declare type AlertsSuppressionRulesListNextResponse = AlertsSuppressionRulesList; /** Optional parameters. */ export declare interface AlertsSuppressionRulesListOptionalParams extends coreClient.OperationOptions { /** Type of the alert to get rules for */ alertType?: string; } /** Contains response data for the list operation. */ export declare type AlertsSuppressionRulesListResponse = AlertsSuppressionRulesList; /** Optional parameters. */ export declare interface AlertsSuppressionRulesUpdateOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the update operation. */ export declare type AlertsSuppressionRulesUpdateResponse = AlertsSuppressionRule; /** * Defines values for AlertStatus. \ * {@link KnownAlertStatus} can be used interchangeably with AlertStatus, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Active**: An alert which doesn't specify a value is assigned the status 'Active' \ * **Resolved**: Alert closed after handling \ * **Dismissed**: Alert dismissed as false positive */ export declare type AlertStatus = string; /** * Defines values for AlertsToAdmins. \ * {@link KnownAlertsToAdmins} can be used interchangeably with AlertsToAdmins, * this enum contains the known values that the service supports. * ### Known values supported by the service * **On**: Send notification on new alerts to the subscription's admins \ * **Off**: Don't send notification on new alerts to the subscription's admins */ export declare type AlertsToAdmins = string; /** Optional parameters. */ export declare interface AlertsUpdateResourceGroupLevelStateToActivateOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsUpdateResourceGroupLevelStateToDismissOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsUpdateResourceGroupLevelStateToResolveOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsUpdateSubscriptionLevelStateToActivateOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsUpdateSubscriptionLevelStateToDismissOptionalParams extends coreClient.OperationOptions { } /** Optional parameters. */ export declare interface AlertsUpdateSubscriptionLevelStateToResolveOptionalParams extends coreClient.OperationOptions { } /** Represents an alert sync setting */ export declare type AlertSyncSettings = Setting & { /** Is the alert sync setting enabled */ enabled?: boolean; }; /** Interface representing a AllowedConnections. */ export declare interface AllowedConnections { /** * Gets the list of all possible traffic between resources for the subscription * @param options The options parameters. */ list(options?: AllowedConnectionsListOptionalParams): PagedAsyncIterableIterator<AllowedConnectionsResource>; /** * Gets the list of all possible traffic between resources for the subscription and location. * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param options The options parameters. */ listByHomeRegion(ascLocation: string, options?: AllowedConnectionsListByHomeRegionOptionalParams): PagedAsyncIterableIterator<AllowedConnectionsResource>; /** * Gets the list of all possible traffic between resources for the subscription and location, based on * connection type. * @param resourceGroupName The name of the resource group within the user's subscription. The name is * case insensitive. * @param ascLocation The location where ASC stores the data of the subscription. can be retrieved from * Get locations * @param connectionType The type of allowed connections (Internal, External) * @param options The options parameters. */ get(resourceGroupName: string, ascLocation: string, connectionType: ConnectionType_2, options?: AllowedConnectionsGetOptionalParams): Promise<AllowedConnectionsGetResponse>; } /** Optional parameters. */ export declare interface AllowedConnectionsGetOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the get operation. */ export declare type AllowedConnectionsGetResponse = AllowedConnectionsResource; /** List of all possible traffic between Azure resources */ export declare interface AllowedConnectionsList { /** NOTE: This property will not be serialized. It can only be populated by the server. */ readonly value?: AllowedConnectionsResource[]; /** * The URI to fetch the next page. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly nextLink?: string; } /** Optional parameters. */ export declare interface AllowedConnectionsListByHomeRegionNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByHomeRegionNext operation. */ export declare type AllowedConnectionsListByHomeRegionNextResponse = AllowedConnectionsList; /** Optional parameters. */ export declare interface AllowedConnectionsListByHomeRegionOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listByHomeRegion operation. */ export declare type AllowedConnectionsListByHomeRegionResponse = AllowedConnectionsList; /** Optional parameters. */ export declare interface AllowedConnectionsListNextOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the listNext operation. */ export declare type AllowedConnectionsListNextResponse = AllowedConnectionsList; /** Optional parameters. */ export declare interface AllowedConnectionsListOptionalParams extends coreClient.OperationOptions { } /** Contains response data for the list operation. */ export declare type AllowedConnectionsListResponse = AllowedConnectionsList; /** The resource whose properties describes the allowed traffic between Azure resources */ export declare type AllowedConnectionsResource = Resource & Location_2 & { /** * The UTC time on which the allowed connections resource was calculated * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly calculatedDateTime?: Date; /** * List of connectable resources * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly connectableResources?: ConnectableResource[]; }; /** A custom alert rule that checks if a value (depends on the custom alert type) is allowed. */ export declare type AllowlistCustomAlertRule = ListCustomAlertRule & { /** Polymorphic discriminator, which specifies the different types this object can be */ ruleType: "AllowlistCustomAlertRule" | "ConnectionToIpNotAllowed" | "ConnectionFromIpNotAllowed" | "LocalUserNotAllowed" | "ProcessNotAllowed"; /** The values to allow. The format of the values depends on the rule type. */ allowlistValues: string[]; }; export declare type AllowlistCustomAlertRuleUnion = AllowlistCustomAlertRule | ConnectionToIpNotAllowed | ConnectionFromIpNotAllowed | LocalUserNotAllowed | ProcessNotAllowed; /** Number of cloud to device messages (AMQP protocol) is not in allowed range. */ export declare type AmqpC2DMessagesNotInAllowedRange = TimeWindowCustomAlertRule & { /** Polymorphic discriminator, which specifies the different types this object can be */ ruleType: "AmqpC2DMessagesNotInAllowedRange"; }; /** Number of rejected cloud to device messages (AMQP protocol) is not in allowed range. */ export declare type AmqpC2DRejectedMessagesNotInAllowedRange = TimeWindowCustomAlertRule & { /** Polymorphic discriminator, which specifies the different types this object can be */ ruleType: "AmqpC2DRejectedMessagesNotInAllowedRange"; }; /** Number of device to cloud messages (AMQP protocol) is not in allowed range. */ export declare type AmqpD2CMessagesNotInAllowedRange = TimeWindowCustomAlertRule & { /** Polymorphic discriminator, which specifies the different types this object can be */ ruleType: "AmqpD2CMessagesNotInAllowedRange"; }; /** The ASC location of the subscription is in the "name" field */ export declare type AscLocation = Resource & { /** Any object */ properties?: Record<string, unknown>; }; /** List of locations where ASC saves your data */ export declare interface AscLocationList { /** NOTE: This property will not be serialized. It can only be populated by the server. */ readonly value?: AscLocation[]; /** * The URI to fetch the next page. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly nextLink?: string; } /** * Defines values for AssessedResourceType. \ * {@link KnownAssessedResourceType} can be used interchangeably with AssessedResourceType, * this enum contains the known values that the service supports. * ### Known values supported by the service * **SqlServerVulnerability** \ * **ContainerRegistryVulnerability** \ * **ServerVulnerability** */ export declare type AssessedResourceType = string; /** Links relevant to the assessment */ export declare interface AssessmentLinks { /** * Link to assessment in Azure Portal * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly azurePortalUri?: string; } /** Interface representing a Assessments. */ export declare interface Assessments { /** * Get security assessments on all your scanned resources inside a scope * @param scope Scope of the query, can be subscription * (/subscriptions/0b06d9ea-afe6-4779-bd59-30e5c2d9d13f) or management group * (/providers/Microsoft.Management/managementGroups/mgName). * @param options The options parameters. */ list(scope: string, options?: AssessmentsListOptionalParams): PagedAsyncIterableIterator<SecurityAssessmentResponse>; /** * Get a security assessment on your scanned resource * @param resourceId The identifier of the resource. * @param assessmentName The Assessment Key - Unique key for the assessment type * @param options The options parameters. */ get(resourceId: string, assessmentName: string, options?: AssessmentsGetOptionalParams): Promise<AssessmentsGetResponse>; /** * Create a security assessment on your resource. An assessment metadata that describes this assessment * must be predefined with the same name before inserting the assessment result * @param resourceId The identifier of the resource. * @param assessmentName The Assessment Key - Unique key for the assessment type * @param assessment Calculated assessment on a pre-defined assessment metadata * @param options The options parameters. */ createOrUpdate(resourceId: string, assessmentName: string, assessment: SecurityAssessment, options?: AssessmentsCreateOrUpdateOptionalParams): Promise<AssessmentsCreateOrUpdateResponse>; /** * Delete a security assessment on your resource. An assessment metadata that describes this assessment * must be predefined with the same