diff --git a/cmd/aro/rp.go b/cmd/aro/rp.go index 44f7195e412..b9e032a9a53 100644 --- a/cmd/aro/rp.go +++ b/cmd/aro/rp.go @@ -147,6 +147,7 @@ func rp(ctx context.Context, log, audit *logrus.Entry) error { return err } + // Note: When handling DB operations don't delete records but set TTL on them otherwise if we're leveraging change feeds, it will break. dbPlatformWorkloadIdentityRoleSets, err := database.NewPlatformWorkloadIdentityRoleSets(ctx, dbc, dbName) if err != nil { return err @@ -175,7 +176,7 @@ func rp(ctx context.Context, log, audit *logrus.Entry) error { return err } - b, err := backend.NewBackend(ctx, log.WithField("component", "backend"), _env, dbAsyncOperations, dbBilling, dbGateway, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, aead, metrics) + b, err := backend.NewBackend(ctx, log.WithField("component", "backend"), _env, dbAsyncOperations, dbBilling, dbGateway, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, dbPlatformWorkloadIdentityRoleSets, aead, metrics) if err != nil { return err } diff --git a/go.mod b/go.mod index fd48c2433f4..e98207c1501 100644 --- a/go.mod +++ b/go.mod @@ -6,6 +6,7 @@ require ( github.com/Azure/azure-sdk-for-go v63.1.0+incompatible github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3 v3.0.0-beta.2 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/cosmos/armcosmos/v2 v2.5.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/keyvault/armkeyvault v1.4.0 diff --git a/go.sum b/go.sum index c67c2473689..e614dd8d3f9 100644 --- a/go.sum +++ b/go.sum @@ -10,6 +10,8 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0 h1:U2rTu3Ef+7w9FHKIAXM6Z github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0/go.mod h1:9kIvujWAA58nmPmWB1m23fyWic1kYZMxD9CxaWn4Qpg= github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 h1:jBQA3cKT4L2rWMpgE7Yt3Hwh2aUj8KXjIGLxjHeYNNo= github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0/go.mod h1:4OG6tQ9EOP/MT0NMjDlRzWoVFxfu9rN9B2X+tlSVktg= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3 v3.0.0-beta.2 h1:qiir/pptnHqp6hV8QwV+IExYIf6cPsXBfUDUXQ27t2Y= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3 v3.0.0-beta.2/go.mod h1:jVRrRDLCOuif95HDYC23ADTMlvahB7tMdl519m9Iyjc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/cosmos/armcosmos/v2 v2.5.0 h1:FTNvxTFH/08JBmhcbL5lmLaGYVXokZM6Ni92Mqr+gSg= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/cosmos/armcosmos/v2 v2.5.0/go.mod h1:T0ryqIz5h5qg4HOBni+VeRn24alSqOx1Se1IAwUByOk= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/dns/armdns v1.2.0 h1:lpOxwrQ919lCZoNCd69rVt8u1eLZuMORrGXqy8sNf3c= diff --git a/pkg/api/error.go b/pkg/api/error.go index 8e688331c42..17027669126 100644 --- a/pkg/api/error.go +++ b/pkg/api/error.go @@ -91,6 +91,7 @@ const ( CloudErrorCodeInvalidServicePrincipalClaims = "InvalidServicePrincipalClaims" CloudErrorCodeInvalidResourceProviderPermissions = "InvalidResourceProviderPermissions" CloudErrorCodeInvalidServicePrincipalPermissions = "InvalidServicePrincipalPermissions" + CloudErrorCodeInvalidWorkloadIdentityPermissions = "InvalidWorkloadIdentityPermissions" CloudErrorCodeInvalidLocation = "InvalidLocation" CloudErrorCodeInvalidOperationID = "InvalidOperationID" CloudErrorCodeDuplicateClientID = "DuplicateClientID" @@ -105,6 +106,8 @@ const ( CloudErrorCodeInvalidNetworkAddress = "InvalidNetworkAddress" CloudErrorCodeThrottlingLimitExceeded = "ThrottlingLimitExceeded" CloudErrorCodeInvalidCIDRRange = "InvalidCIDRRange" + CloudErrorCodePlatformWorkloadIdentityMismatch = "CloudErrorCodePlatformWorkloadIdentityMismatch" + CloudErrorCodeInvalidClusterMSICount = "CloudErrorCodeInvalidClusterMSICount" ) // NewCloudError returns a new CloudError diff --git a/pkg/api/v20240812preview/openshiftcluster_validatestatic.go b/pkg/api/v20240812preview/openshiftcluster_validatestatic.go index e334aa21d3c..d8add72e151 100644 --- a/pkg/api/v20240812preview/openshiftcluster_validatestatic.go +++ b/pkg/api/v20240812preview/openshiftcluster_validatestatic.go @@ -499,5 +499,10 @@ func (sv openShiftClusterStaticValidator) validatePlatformIdentities(oc *OpenShi if clusterIdentityPresent != operatorRolePresent { return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, "identity", "Cluster identity and platform workload identities require each other.") } + + if operatorRolePresent && len(oc.Identity.UserAssignedIdentities) != 1 { + return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, "identity", "The provided cluster identity is invalid; there should be exactly one.") + } + return nil } diff --git a/pkg/api/v20240812preview/openshiftcluster_validatestatic_test.go b/pkg/api/v20240812preview/openshiftcluster_validatestatic_test.go index 4a024da8d62..5cf7b46f2cf 100644 --- a/pkg/api/v20240812preview/openshiftcluster_validatestatic_test.go +++ b/pkg/api/v20240812preview/openshiftcluster_validatestatic_test.go @@ -1351,6 +1351,21 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin }, wantErr: "400: InvalidParameter: identity: Cluster identity and platform workload identities require each other.", }, + { + name: "platform workload identity - cluster identity map is empty", + modify: func(oc *OpenShiftCluster) { + oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: []PlatformWorkloadIdentity{ + { + OperatorName: "operator_name", + }, + }, + } + oc.Properties.ServicePrincipalProfile = nil + oc.Identity = &Identity{} + }, + wantErr: "400: InvalidParameter: identity: The provided cluster identity is invalid; there should be exactly one.", + }, { name: "operator name missing", modify: func(oc *OpenShiftCluster) { @@ -1385,7 +1400,11 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin { name: "valid UpgradeableTo value", modify: func(oc *OpenShiftCluster) { - oc.Identity = &Identity{} + oc.Identity = &Identity{ + UserAssignedIdentities: UserAssignedIdentities{ + "Dummy": ClusterUserAssignedIdentity{}, + }, + } oc.Properties.ServicePrincipalProfile = nil oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{ UpgradeableTo: &validUpgradeableToValue, @@ -1395,7 +1414,11 @@ func TestOpenShiftClusterStaticValidatePlatformWorkloadIdentityProfile(t *testin { name: "invalid UpgradeableTo value", modify: func(oc *OpenShiftCluster) { - oc.Identity = &Identity{} + oc.Identity = &Identity{ + UserAssignedIdentities: UserAssignedIdentities{ + "Dummy": ClusterUserAssignedIdentity{}, + }, + } oc.Properties.ServicePrincipalProfile = nil oc.Properties.PlatformWorkloadIdentityProfile = &PlatformWorkloadIdentityProfile{ UpgradeableTo: &invalidUpgradeableToValue, diff --git a/pkg/backend/backend.go b/pkg/backend/backend.go index 73c552ab773..977e3375452 100644 --- a/pkg/backend/backend.go +++ b/pkg/backend/backend.go @@ -28,12 +28,13 @@ type backend struct { baseLog *logrus.Entry env env.Interface - dbAsyncOperations database.AsyncOperations - dbBilling database.Billing - dbGateway database.Gateway - dbOpenShiftClusters database.OpenShiftClusters - dbSubscriptions database.Subscriptions - dbOpenShiftVersions database.OpenShiftVersions + dbAsyncOperations database.AsyncOperations + dbBilling database.Billing + dbGateway database.Gateway + dbOpenShiftClusters database.OpenShiftClusters + dbSubscriptions database.Subscriptions + dbOpenShiftVersions database.OpenShiftVersions + dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets aead encryption.AEAD m metrics.Emitter @@ -54,8 +55,8 @@ type Runnable interface { } // NewBackend returns a new runnable backend -func NewBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsyncOperations database.AsyncOperations, dbBilling database.Billing, dbGateway database.Gateway, dbOpenShiftClusters database.OpenShiftClusters, dbSubscriptions database.Subscriptions, dbOpenShiftVersions database.OpenShiftVersions, aead encryption.AEAD, m metrics.Emitter) (Runnable, error) { - b, err := newBackend(ctx, log, env, dbAsyncOperations, dbBilling, dbGateway, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, aead, m) +func NewBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsyncOperations database.AsyncOperations, dbBilling database.Billing, dbGateway database.Gateway, dbOpenShiftClusters database.OpenShiftClusters, dbSubscriptions database.Subscriptions, dbOpenShiftVersions database.OpenShiftVersions, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets, aead encryption.AEAD, m metrics.Emitter) (Runnable, error) { + b, err := newBackend(ctx, log, env, dbAsyncOperations, dbBilling, dbGateway, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, dbPlatformWorkloadIdentityRoleSets, aead, m) if err != nil { return nil, err } @@ -65,7 +66,7 @@ func NewBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsy return b, nil } -func newBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsyncOperations database.AsyncOperations, dbBilling database.Billing, dbGateway database.Gateway, dbOpenShiftClusters database.OpenShiftClusters, dbSubscriptions database.Subscriptions, dbOpenShiftVersions database.OpenShiftVersions, aead encryption.AEAD, m metrics.Emitter) (*backend, error) { +func newBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsyncOperations database.AsyncOperations, dbBilling database.Billing, dbGateway database.Gateway, dbOpenShiftClusters database.OpenShiftClusters, dbSubscriptions database.Subscriptions, dbOpenShiftVersions database.OpenShiftVersions, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets, aead encryption.AEAD, m metrics.Emitter) (*backend, error) { billing, err := billing.NewManager(env, dbBilling, dbSubscriptions, log) if err != nil { return nil, err @@ -75,12 +76,13 @@ func newBackend(ctx context.Context, log *logrus.Entry, env env.Interface, dbAsy baseLog: log, env: env, - dbAsyncOperations: dbAsyncOperations, - dbBilling: dbBilling, - dbGateway: dbGateway, - dbOpenShiftClusters: dbOpenShiftClusters, - dbSubscriptions: dbSubscriptions, - dbOpenShiftVersions: dbOpenShiftVersions, + dbAsyncOperations: dbAsyncOperations, + dbBilling: dbBilling, + dbGateway: dbGateway, + dbOpenShiftClusters: dbOpenShiftClusters, + dbSubscriptions: dbSubscriptions, + dbOpenShiftVersions: dbOpenShiftVersions, + dbPlatformWorkloadIdentityRoleSets: dbPlatformWorkloadIdentityRoleSets, billing: billing, aead: aead, diff --git a/pkg/backend/openshiftcluster.go b/pkg/backend/openshiftcluster.go index c9cfe941e30..ba97d9fb208 100644 --- a/pkg/backend/openshiftcluster.go +++ b/pkg/backend/openshiftcluster.go @@ -30,7 +30,7 @@ import ( type openShiftClusterBackend struct { *backend - newManager func(context.Context, *logrus.Entry, env.Interface, database.OpenShiftClusters, database.Gateway, database.OpenShiftVersions, encryption.AEAD, billing.Manager, *api.OpenShiftClusterDocument, *api.SubscriptionDocument, hive.ClusterManager, metrics.Emitter) (cluster.Interface, error) + newManager func(context.Context, *logrus.Entry, env.Interface, database.OpenShiftClusters, database.Gateway, database.OpenShiftVersions, database.PlatformWorkloadIdentityRoleSets, encryption.AEAD, billing.Manager, *api.OpenShiftClusterDocument, *api.SubscriptionDocument, hive.ClusterManager, metrics.Emitter) (cluster.Interface, error) } func newOpenShiftClusterBackend(b *backend) *openShiftClusterBackend { @@ -129,7 +129,7 @@ func (ocb *openShiftClusterBackend) handle(ctx context.Context, log *logrus.Entr } } - m, err := ocb.newManager(ctx, log, ocb.env, ocb.dbOpenShiftClusters, ocb.dbGateway, ocb.dbOpenShiftVersions, ocb.aead, ocb.billing, doc, subscriptionDoc, hr, ocb.m) + m, err := ocb.newManager(ctx, log, ocb.env, ocb.dbOpenShiftClusters, ocb.dbGateway, ocb.dbOpenShiftVersions, ocb.dbPlatformWorkloadIdentityRoleSets, ocb.aead, ocb.billing, doc, subscriptionDoc, hr, ocb.m) if err != nil { return ocb.endLease(ctx, log, stop, doc, api.ProvisioningStateFailed, api.ProvisioningStateFailed, err) } diff --git a/pkg/backend/openshiftcluster_test.go b/pkg/backend/openshiftcluster_test.go index d6dbb3a7364..5656adbe0f6 100644 --- a/pkg/backend/openshiftcluster_test.go +++ b/pkg/backend/openshiftcluster_test.go @@ -429,6 +429,7 @@ func TestBackendTry(t *testing.T) { dbSubscriptions, _ := testdatabase.NewFakeSubscriptions() uuidGen := deterministicuuid.NewTestUUIDGenerator(deterministicuuid.OPENSHIFT_VERSIONS) dbOpenShiftVersions, _ := testdatabase.NewFakeOpenShiftVersions(uuidGen) + dbPlatformWorkloadIdentityRoleSets, _ := testdatabase.NewFakePlatformWorkloadIdentityRoleSets(uuidGen) f := testdatabase.NewFixture().WithOpenShiftClusters(dbOpenShiftClusters).WithSubscriptions(dbSubscriptions) tt.mocks(manager, dbOpenShiftClusters) @@ -438,11 +439,11 @@ func TestBackendTry(t *testing.T) { t.Fatal(err) } - createManager := func(context.Context, *logrus.Entry, env.Interface, database.OpenShiftClusters, database.Gateway, database.OpenShiftVersions, encryption.AEAD, billing.Manager, *api.OpenShiftClusterDocument, *api.SubscriptionDocument, hive.ClusterManager, metrics.Emitter) (cluster.Interface, error) { + createManager := func(context.Context, *logrus.Entry, env.Interface, database.OpenShiftClusters, database.Gateway, database.OpenShiftVersions, database.PlatformWorkloadIdentityRoleSets, encryption.AEAD, billing.Manager, *api.OpenShiftClusterDocument, *api.SubscriptionDocument, hive.ClusterManager, metrics.Emitter) (cluster.Interface, error) { return manager, nil } - b, err := newBackend(ctx, log, _env, nil, nil, nil, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, nil, &noop.Noop{}) + b, err := newBackend(ctx, log, _env, nil, nil, nil, dbOpenShiftClusters, dbSubscriptions, dbOpenShiftVersions, dbPlatformWorkloadIdentityRoleSets, nil, &noop.Noop{}) if err != nil { t.Fatal(err) } diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go index 83ab2ba7d6e..7052b5f477d 100644 --- a/pkg/cluster/cluster.go +++ b/pkg/cluster/cluster.go @@ -34,6 +34,7 @@ import ( "github.com/Azure/ARO-RP/pkg/operator/deploy" "github.com/Azure/ARO-RP/pkg/util/azblob" "github.com/Azure/ARO-RP/pkg/util/azureclient" + "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization" "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armnetwork" "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/common" "github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/authorization" @@ -46,6 +47,7 @@ import ( "github.com/Azure/ARO-RP/pkg/util/dns" "github.com/Azure/ARO-RP/pkg/util/encryption" utilgraph "github.com/Azure/ARO-RP/pkg/util/graph" + "github.com/Azure/ARO-RP/pkg/util/platformworkloadidentity" "github.com/Azure/ARO-RP/pkg/util/refreshable" "github.com/Azure/ARO-RP/pkg/util/storage" "github.com/Azure/ARO-RP/pkg/util/subnet" @@ -93,6 +95,7 @@ type manager struct { virtualNetworkLinks privatedns.VirtualNetworkLinksClient roleAssignments authorization.RoleAssignmentsClient roleDefinitions authorization.RoleDefinitionsClient + armRoleDefinitions armauthorization.RoleDefinitionsClient denyAssignments authorization.DenyAssignmentClient fpPrivateEndpoints network.PrivateEndpointsClient // TODO: use armFPPrivateEndpoints instead. armFPPrivateEndpoints armnetwork.PrivateEndpointsClient @@ -127,10 +130,12 @@ type manager struct { now func() time.Time openShiftClusterDocumentVersioner openShiftClusterDocumentVersioner + + platformWorkloadIdentityRolesByVersion platformworkloadidentity.PlatformWorkloadIdentityRolesByVersion } // New returns a cluster manager -func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database.OpenShiftClusters, dbGateway database.Gateway, dbOpenShiftVersions database.OpenShiftVersions, aead encryption.AEAD, +func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database.OpenShiftClusters, dbGateway database.Gateway, dbOpenShiftVersions database.OpenShiftVersions, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets, aead encryption.AEAD, billing billing.Manager, doc *api.OpenShiftClusterDocument, subscriptionDoc *api.SubscriptionDocument, hiveClusterManager hive.ClusterManager, metricsEmitter metrics.Emitter, ) (Interface, error) { r, err := azure.ParseResourceID(doc.OpenShiftCluster.ID) @@ -233,6 +238,19 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database return nil, err } + armRoleDefinitionsClient, err := armauthorization.NewArmRoleDefinitionsClient(fpCredClusterTenant, &clientOptions) + if err != nil { + return nil, err + } + + platformWorkloadIdentityRolesByVersion := platformworkloadidentity.NewPlatformWorkloadIdentityRolesByVersionService() + if doc.OpenShiftCluster.UsesWorkloadIdentity() { + err = platformWorkloadIdentityRolesByVersion.PopulatePlatformWorkloadIdentityRolesByVersion(ctx, doc.OpenShiftCluster, dbPlatformWorkloadIdentityRoleSets) + if err != nil { + return nil, err + } + } + return &manager{ log: log, env: _env, @@ -264,6 +282,7 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database virtualNetworkLinks: privatedns.NewVirtualNetworkLinksClient(_env.Environment(), r.SubscriptionID, fpAuthorizer), roleAssignments: authorization.NewRoleAssignmentsClient(_env.Environment(), r.SubscriptionID, fpAuthorizer), roleDefinitions: authorization.NewRoleDefinitionsClient(_env.Environment(), r.SubscriptionID, fpAuthorizer), + armRoleDefinitions: armRoleDefinitionsClient, denyAssignments: authorization.NewDenyAssignmentsClient(_env.Environment(), r.SubscriptionID, fpAuthorizer), fpPrivateEndpoints: network.NewPrivateEndpointsClient(_env.Environment(), _env.SubscriptionID(), localFPAuthorizer), armFPPrivateEndpoints: armFPPrivateEndpoints, @@ -276,10 +295,11 @@ func New(ctx context.Context, log *logrus.Entry, _env env.Interface, db database graph: graph.NewManager(_env, log, aead, storage), rpBlob: rpBlob, - installViaHive: installViaHive, - adoptViaHive: adoptByHive, - hiveClusterManager: hiveClusterManager, - now: func() time.Time { return time.Now() }, - openShiftClusterDocumentVersioner: new(openShiftClusterDocumentVersionerService), + installViaHive: installViaHive, + adoptViaHive: adoptByHive, + hiveClusterManager: hiveClusterManager, + now: func() time.Time { return time.Now() }, + openShiftClusterDocumentVersioner: new(openShiftClusterDocumentVersionerService), + platformWorkloadIdentityRolesByVersion: platformWorkloadIdentityRolesByVersion, }, nil } diff --git a/pkg/cluster/validate.go b/pkg/cluster/validate.go index cfd4a85d029..6719628c129 100644 --- a/pkg/cluster/validate.go +++ b/pkg/cluster/validate.go @@ -10,12 +10,7 @@ import ( ) func (m *manager) validateResources(ctx context.Context) error { - ocDynamicValidator := validate.NewOpenShiftClusterDynamicValidator( - m.log, m.env, m.doc.OpenShiftCluster, m.subscriptionDoc, m.fpAuthorizer, - ) - err := ocDynamicValidator.Dynamic(ctx) - if err != nil { - return err - } - return err + return validate.NewOpenShiftClusterDynamicValidator( + m.log, m.env, m.doc.OpenShiftCluster, m.subscriptionDoc, m.fpAuthorizer, m.armRoleDefinitions, m.platformWorkloadIdentityRolesByVersion, + ).Dynamic(ctx) } diff --git a/pkg/portal/info.go b/pkg/portal/info.go index 1a6a6285806..4a9aa7026f2 100644 --- a/pkg/portal/info.go +++ b/pkg/portal/info.go @@ -10,6 +10,7 @@ import ( "github.com/gorilla/csrf" "github.com/Azure/ARO-RP/pkg/portal/middleware" + "github.com/Azure/ARO-RP/pkg/util/stringutils" "github.com/Azure/ARO-RP/pkg/util/version" ) @@ -23,7 +24,7 @@ type PortalInfo struct { func (p *portal) info(w http.ResponseWriter, r *http.Request) { ctx := r.Context() - elevated := len(middleware.GroupsIntersect(p.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 + elevated := len(stringutils.GroupsIntersect(p.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 resp := PortalInfo{ Location: p.env.Location(), diff --git a/pkg/portal/kubeconfig/kubeconfig.go b/pkg/portal/kubeconfig/kubeconfig.go index ec9808ffd1a..478cc243893 100644 --- a/pkg/portal/kubeconfig/kubeconfig.go +++ b/pkg/portal/kubeconfig/kubeconfig.go @@ -25,6 +25,7 @@ import ( "github.com/Azure/ARO-RP/pkg/portal/util/clientcache" "github.com/Azure/ARO-RP/pkg/proxy" "github.com/Azure/ARO-RP/pkg/util/roundtripper" + "github.com/Azure/ARO-RP/pkg/util/stringutils" ) const ( @@ -95,7 +96,7 @@ func (k *Kubeconfig) New(w http.ResponseWriter, r *http.Request) { return } - elevated := len(middleware.GroupsIntersect(k.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 + elevated := len(stringutils.GroupsIntersect(k.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 token := k.DbPortal.NewUUID() portalDoc := &api.PortalDocument{ diff --git a/pkg/portal/middleware/aad.go b/pkg/portal/middleware/aad.go index 294f7645f5e..73214b44f68 100644 --- a/pkg/portal/middleware/aad.go +++ b/pkg/portal/middleware/aad.go @@ -23,6 +23,7 @@ import ( "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/util/oidc" "github.com/Azure/ARO-RP/pkg/util/roundtripper" + "github.com/Azure/ARO-RP/pkg/util/stringutils" "github.com/Azure/ARO-RP/pkg/util/uuid" ) @@ -308,7 +309,7 @@ func (a *aad) callback(w http.ResponseWriter, r *http.Request) { return } - groupsIntersect := GroupsIntersect(a.allGroups, claims.Groups) + groupsIntersect := stringutils.GroupsIntersect(a.allGroups, claims.Groups) if len(groupsIntersect) == 0 { http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) } @@ -374,16 +375,3 @@ func (a *aad) internalServerError(w http.ResponseWriter, err error) { a.log.Warn(err) http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } - -func GroupsIntersect(as, bs []string) (gs []string) { - for _, a := range as { - for _, b := range bs { - if a == b { - gs = append(gs, a) - break - } - } - } - - return gs -} diff --git a/pkg/portal/ssh/ssh.go b/pkg/portal/ssh/ssh.go index 6977f7332e5..782151bacb0 100644 --- a/pkg/portal/ssh/ssh.go +++ b/pkg/portal/ssh/ssh.go @@ -25,6 +25,7 @@ import ( "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/portal/middleware" "github.com/Azure/ARO-RP/pkg/proxy" + "github.com/Azure/ARO-RP/pkg/util/stringutils" ) const ( @@ -132,7 +133,7 @@ func (s *SSH) New(w http.ResponseWriter, r *http.Request) { return } - elevated := len(middleware.GroupsIntersect(s.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 + elevated := len(stringutils.GroupsIntersect(s.elevatedGroupIDs, ctx.Value(middleware.ContextKeyGroups).([]string))) > 0 if !elevated { s.sendResponse(w, "", "", "", "Elevated access is required.", s.env.IsLocalDevelopmentMode()) return diff --git a/pkg/util/azureclient/azuresdk/armauthorization/generate.go b/pkg/util/azureclient/azuresdk/armauthorization/generate.go new file mode 100644 index 00000000000..2ae4931d933 --- /dev/null +++ b/pkg/util/azureclient/azuresdk/armauthorization/generate.go @@ -0,0 +1,8 @@ +package armauthorization + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +//go:generate rm -rf ../../../../util/mocks/$GOPACKAGE +//go:generate mockgen -destination=../../../../util/mocks/azureclient/azuresdk/$GOPACKAGE/$GOPACKAGE.go github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/$GOPACKAGE RoleDefinitionsClient +//go:generate goimports -local=github.com/Azure/ARO-RP -e -w ../../../../util/mocks/azureclient/azuresdk/$GOPACKAGE/$GOPACKAGE.go diff --git a/pkg/util/azureclient/azuresdk/armauthorization/roledefinitions.go b/pkg/util/azureclient/azuresdk/armauthorization/roledefinitions.go new file mode 100644 index 00000000000..a5251e76ef1 --- /dev/null +++ b/pkg/util/azureclient/azuresdk/armauthorization/roledefinitions.go @@ -0,0 +1,29 @@ +package armauthorization + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3" +) + +type RoleDefinitionsClient interface { + GetByID(ctx context.Context, roleID string, options *armauthorization.RoleDefinitionsClientGetByIDOptions) (armauthorization.RoleDefinitionsClientGetByIDResponse, error) +} + +type ArmRoleDefinitionsClient struct { + *armauthorization.RoleDefinitionsClient +} + +var _ RoleDefinitionsClient = &ArmRoleDefinitionsClient{} + +func NewArmRoleDefinitionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ArmRoleDefinitionsClient, error) { + client, err := armauthorization.NewRoleDefinitionsClient(credential, options) + return &ArmRoleDefinitionsClient{ + RoleDefinitionsClient: client, + }, err +} diff --git a/pkg/util/mocks/azureclient/azuresdk/armauthorization/armauthorization.go b/pkg/util/mocks/azureclient/azuresdk/armauthorization/armauthorization.go new file mode 100644 index 00000000000..2c1ef9da874 --- /dev/null +++ b/pkg/util/mocks/azureclient/azuresdk/armauthorization/armauthorization.go @@ -0,0 +1,51 @@ +// Code generated by MockGen. DO NOT EDIT. +// Source: github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization (interfaces: RoleDefinitionsClient) + +// Package mock_armauthorization is a generated GoMock package. +package mock_armauthorization + +import ( + context "context" + reflect "reflect" + + armauthorization "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3" + gomock "github.com/golang/mock/gomock" +) + +// MockRoleDefinitionsClient is a mock of RoleDefinitionsClient interface. +type MockRoleDefinitionsClient struct { + ctrl *gomock.Controller + recorder *MockRoleDefinitionsClientMockRecorder +} + +// MockRoleDefinitionsClientMockRecorder is the mock recorder for MockRoleDefinitionsClient. +type MockRoleDefinitionsClientMockRecorder struct { + mock *MockRoleDefinitionsClient +} + +// NewMockRoleDefinitionsClient creates a new mock instance. +func NewMockRoleDefinitionsClient(ctrl *gomock.Controller) *MockRoleDefinitionsClient { + mock := &MockRoleDefinitionsClient{ctrl: ctrl} + mock.recorder = &MockRoleDefinitionsClientMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockRoleDefinitionsClient) EXPECT() *MockRoleDefinitionsClientMockRecorder { + return m.recorder +} + +// GetByID mocks base method. +func (m *MockRoleDefinitionsClient) GetByID(arg0 context.Context, arg1 string, arg2 *armauthorization.RoleDefinitionsClientGetByIDOptions) (armauthorization.RoleDefinitionsClientGetByIDResponse, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetByID", arg0, arg1, arg2) + ret0, _ := ret[0].(armauthorization.RoleDefinitionsClientGetByIDResponse) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// GetByID indicates an expected call of GetByID. +func (mr *MockRoleDefinitionsClientMockRecorder) GetByID(arg0, arg1, arg2 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetByID", reflect.TypeOf((*MockRoleDefinitionsClient)(nil).GetByID), arg0, arg1, arg2) +} diff --git a/pkg/util/mocks/dynamic/dynamic.go b/pkg/util/mocks/dynamic/dynamic.go index f413a3f81a8..9e579496951 100644 --- a/pkg/util/mocks/dynamic/dynamic.go +++ b/pkg/util/mocks/dynamic/dynamic.go @@ -12,6 +12,7 @@ import ( gomock "github.com/golang/mock/gomock" api "github.com/Azure/ARO-RP/pkg/api" + armauthorization "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization" dynamic "github.com/Azure/ARO-RP/pkg/validate/dynamic" ) @@ -117,6 +118,20 @@ func (mr *MockDynamicMockRecorder) ValidateLoadBalancerProfile(ctx, oc interface return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ValidateLoadBalancerProfile", reflect.TypeOf((*MockDynamic)(nil).ValidateLoadBalancerProfile), ctx, oc) } +// ValidatePlatformWorkloadIdentityProfile mocks base method. +func (m *MockDynamic) ValidatePlatformWorkloadIdentityProfile(ctx context.Context, oc *api.OpenShiftCluster, platformWorkloadIdentityRolesByRoleName map[string]api.PlatformWorkloadIdentityRole, roleDefinitions armauthorization.RoleDefinitionsClient) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "ValidatePlatformWorkloadIdentityProfile", ctx, oc, platformWorkloadIdentityRolesByRoleName, roleDefinitions) + ret0, _ := ret[0].(error) + return ret0 +} + +// ValidatePlatformWorkloadIdentityProfile indicates an expected call of ValidatePlatformWorkloadIdentityProfile. +func (mr *MockDynamicMockRecorder) ValidatePlatformWorkloadIdentityProfile(ctx, oc, platformWorkloadIdentityRolesByRoleName, roleDefinitions interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ValidatePlatformWorkloadIdentityProfile", reflect.TypeOf((*MockDynamic)(nil).ValidatePlatformWorkloadIdentityProfile), ctx, oc, platformWorkloadIdentityRolesByRoleName, roleDefinitions) +} + // ValidatePreConfiguredNSGs mocks base method. func (m *MockDynamic) ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenShiftCluster, subnets []dynamic.Subnet) error { m.ctrl.T.Helper() diff --git a/pkg/util/mocks/platformworkloadidentity/platformworkloadidentity.go b/pkg/util/mocks/platformworkloadidentity/platformworkloadidentity.go new file mode 100644 index 00000000000..03205d1e579 --- /dev/null +++ b/pkg/util/mocks/platformworkloadidentity/platformworkloadidentity.go @@ -0,0 +1,66 @@ +// Code generated by MockGen. DO NOT EDIT. +// Source: github.com/Azure/ARO-RP/pkg/util/platformworkloadidentity (interfaces: PlatformWorkloadIdentityRolesByVersion) + +// Package mock_platformworkloadidentity is a generated GoMock package. +package mock_platformworkloadidentity + +import ( + context "context" + reflect "reflect" + + gomock "github.com/golang/mock/gomock" + + api "github.com/Azure/ARO-RP/pkg/api" + database "github.com/Azure/ARO-RP/pkg/database" +) + +// MockPlatformWorkloadIdentityRolesByVersion is a mock of PlatformWorkloadIdentityRolesByVersion interface. +type MockPlatformWorkloadIdentityRolesByVersion struct { + ctrl *gomock.Controller + recorder *MockPlatformWorkloadIdentityRolesByVersionMockRecorder +} + +// MockPlatformWorkloadIdentityRolesByVersionMockRecorder is the mock recorder for MockPlatformWorkloadIdentityRolesByVersion. +type MockPlatformWorkloadIdentityRolesByVersionMockRecorder struct { + mock *MockPlatformWorkloadIdentityRolesByVersion +} + +// NewMockPlatformWorkloadIdentityRolesByVersion creates a new mock instance. +func NewMockPlatformWorkloadIdentityRolesByVersion(ctrl *gomock.Controller) *MockPlatformWorkloadIdentityRolesByVersion { + mock := &MockPlatformWorkloadIdentityRolesByVersion{ctrl: ctrl} + mock.recorder = &MockPlatformWorkloadIdentityRolesByVersionMockRecorder{mock} + return mock +} + +// EXPECT returns an object that allows the caller to indicate expected use. +func (m *MockPlatformWorkloadIdentityRolesByVersion) EXPECT() *MockPlatformWorkloadIdentityRolesByVersionMockRecorder { + return m.recorder +} + +// GetPlatformWorkloadIdentityRolesByRoleName mocks base method. +func (m *MockPlatformWorkloadIdentityRolesByVersion) GetPlatformWorkloadIdentityRolesByRoleName() map[string]api.PlatformWorkloadIdentityRole { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "GetPlatformWorkloadIdentityRolesByRoleName") + ret0, _ := ret[0].(map[string]api.PlatformWorkloadIdentityRole) + return ret0 +} + +// GetPlatformWorkloadIdentityRolesByRoleName indicates an expected call of GetPlatformWorkloadIdentityRolesByRoleName. +func (mr *MockPlatformWorkloadIdentityRolesByVersionMockRecorder) GetPlatformWorkloadIdentityRolesByRoleName() *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetPlatformWorkloadIdentityRolesByRoleName", reflect.TypeOf((*MockPlatformWorkloadIdentityRolesByVersion)(nil).GetPlatformWorkloadIdentityRolesByRoleName)) +} + +// PopulatePlatformWorkloadIdentityRolesByVersion mocks base method. +func (m *MockPlatformWorkloadIdentityRolesByVersion) PopulatePlatformWorkloadIdentityRolesByVersion(arg0 context.Context, arg1 *api.OpenShiftCluster, arg2 database.PlatformWorkloadIdentityRoleSets) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "PopulatePlatformWorkloadIdentityRolesByVersion", arg0, arg1, arg2) + ret0, _ := ret[0].(error) + return ret0 +} + +// PopulatePlatformWorkloadIdentityRolesByVersion indicates an expected call of PopulatePlatformWorkloadIdentityRolesByVersion. +func (mr *MockPlatformWorkloadIdentityRolesByVersionMockRecorder) PopulatePlatformWorkloadIdentityRolesByVersion(arg0, arg1, arg2 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PopulatePlatformWorkloadIdentityRolesByVersion", reflect.TypeOf((*MockPlatformWorkloadIdentityRolesByVersion)(nil).PopulatePlatformWorkloadIdentityRolesByVersion), arg0, arg1, arg2) +} diff --git a/pkg/util/platformworkloadidentity/generate.go b/pkg/util/platformworkloadidentity/generate.go new file mode 100644 index 00000000000..58fb74ac0dd --- /dev/null +++ b/pkg/util/platformworkloadidentity/generate.go @@ -0,0 +1,8 @@ +package platformworkloadidentity + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +//go:generate rm -rf ../mocks/$GOPACKAGE +//go:generate mockgen -destination=../mocks/$GOPACKAGE/$GOPACKAGE.go github.com/Azure/ARO-RP/pkg/util/$GOPACKAGE PlatformWorkloadIdentityRolesByVersion +//go:generate goimports -local=github.com/Azure/ARO-RP -e -w ../mocks/$GOPACKAGE/$GOPACKAGE.go diff --git a/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion.go b/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion.go new file mode 100644 index 00000000000..0c29cadec1a --- /dev/null +++ b/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion.go @@ -0,0 +1,87 @@ +package platformworkloadidentity + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + "fmt" + "net/http" + + "github.com/Azure/ARO-RP/pkg/api" + "github.com/Azure/ARO-RP/pkg/database" + "github.com/Azure/ARO-RP/pkg/util/version" +) + +// PlatformWorkloadIdentityRolesByVersion is the interface that validates and obtains the version from an PlatformWorkloadIdentityRoleSetDocument. +type PlatformWorkloadIdentityRolesByVersion interface { + GetPlatformWorkloadIdentityRolesByRoleName() map[string]api.PlatformWorkloadIdentityRole + PopulatePlatformWorkloadIdentityRolesByVersion(ctx context.Context, oc *api.OpenShiftCluster, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets) error +} + +// platformWorkloadIdentityRolesByVersionService is the default implementation of the PlatformWorkloadIdentityRolesByVersion interface. +type PlatformWorkloadIdentityRolesByVersionService struct { + platformWorkloadIdentityRoles []api.PlatformWorkloadIdentityRole +} + +var _ PlatformWorkloadIdentityRolesByVersion = &PlatformWorkloadIdentityRolesByVersionService{} + +func NewPlatformWorkloadIdentityRolesByVersionService() *PlatformWorkloadIdentityRolesByVersionService { + return &PlatformWorkloadIdentityRolesByVersionService{ + platformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{}, + } +} + +// PopulatePlatformWorkloadIdentityRolesByVersion aims to populate platformWorkloadIdentityRoles for current OpenShift minor version and also for UpgradeableTo minor version if provided and is greater than the current version +func (service *PlatformWorkloadIdentityRolesByVersionService) PopulatePlatformWorkloadIdentityRolesByVersion(ctx context.Context, oc *api.OpenShiftCluster, dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets) error { + if !oc.UsesWorkloadIdentity() { + return fmt.Errorf("PopulatePlatformWorkloadIdentityRolesByVersion called for a CSP cluster") + } + currentOpenShiftVersion, err := version.ParseVersion(oc.Properties.ClusterProfile.Version) + if err != nil { + return err + } + currentMinorVersion := currentOpenShiftVersion.MinorVersion() + requiredMinorVersions := map[string]bool{currentMinorVersion: false} + + docs, err := dbPlatformWorkloadIdentityRoleSets.ListAll(ctx) + if err != nil { + return err + } + + if oc.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo != nil { + upgradeableVersion, err := version.ParseVersion(string(*oc.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo)) + if err != nil { + return err + } + upgradeableMinorVersion := upgradeableVersion.MinorVersion() + if currentMinorVersion != upgradeableMinorVersion && currentOpenShiftVersion.Lt(upgradeableVersion) { + requiredMinorVersions[upgradeableMinorVersion] = false + } + } + + for _, doc := range docs.PlatformWorkloadIdentityRoleSetDocuments { + for version := range requiredMinorVersions { + if version == doc.PlatformWorkloadIdentityRoleSet.Properties.OpenShiftVersion { + service.platformWorkloadIdentityRoles = append(service.platformWorkloadIdentityRoles, doc.PlatformWorkloadIdentityRoleSet.Properties.PlatformWorkloadIdentityRoles...) + requiredMinorVersions[version] = true + } + } + } + + for version, exists := range requiredMinorVersions { + if !exists { + return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidParameter, "", "No PlatformWorkloadIdentityRoleSet found for the requested or upgradeable OpenShift minor version '%s'. Please retry with different OpenShift version, and if the issue persists, raise an Azure support ticket", version) + } + } + + return nil +} + +func (service *PlatformWorkloadIdentityRolesByVersionService) GetPlatformWorkloadIdentityRolesByRoleName() map[string]api.PlatformWorkloadIdentityRole { + platformWorkloadIdentityRolesByRoleName := map[string]api.PlatformWorkloadIdentityRole{} + for _, role := range service.platformWorkloadIdentityRoles { + platformWorkloadIdentityRolesByRoleName[role.OperatorName] = role + } + return platformWorkloadIdentityRolesByRoleName +} diff --git a/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion_test.go b/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion_test.go new file mode 100644 index 00000000000..24799eb332e --- /dev/null +++ b/pkg/util/platformworkloadidentity/platformworkloadidentityrolesbyversion_test.go @@ -0,0 +1,293 @@ +package platformworkloadidentity + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + "testing" + + "k8s.io/utils/ptr" + + "github.com/Azure/ARO-RP/pkg/api" + "github.com/Azure/ARO-RP/pkg/database" + testdatabase "github.com/Azure/ARO-RP/test/database" + "github.com/Azure/ARO-RP/test/util/deterministicuuid" + utilerror "github.com/Azure/ARO-RP/test/util/error" +) + +func TestNewPlatformWorkloadIdentityRolesByVersion(t *testing.T) { + for _, tt := range []struct { + name string + oc *api.OpenShiftCluster + fixture func(f *testdatabase.Fixture) + mocks func(dbPlatformWorkloadIdentityRoleSets database.PlatformWorkloadIdentityRoleSets) + wantErr string + wantPlatformIdentities []string + }{ + { + name: "Fail - Exit the func for non MIWI clusters that has ServicePrincipalProfile", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ServicePrincipalProfile: &api.ServicePrincipalProfile{ + SPObjectID: "00000000-0000-0000-0000-000000000000", + }, + }, + }, + wantErr: "PopulatePlatformWorkloadIdentityRolesByVersion called for a CSP cluster", + }, + { + name: "Fail - Exit the func for non MIWI clusters that has no PlatformWorkloadIdentityProfile or ServicePrincipalProfile", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{}, + }, + wantErr: "PopulatePlatformWorkloadIdentityRolesByVersion called for a CSP cluster", + }, + { + name: "Success - The role set document found for the cluster version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{}, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{}, + }, + }, + }) + }, + }, + { + name: "Success - The role set document found for the cluster and upgradeable version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")), + }, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy1"}, + }, + }, + }, + }, + &api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy2", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.15", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy1"}, + }, + }, + }, + }, + ) + }, + wantPlatformIdentities: []string{"Dummy1"}, + }, + { + name: "Success - The role set document found for the cluster and upgradeable version(with new identity)", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")), + }, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy1"}, + }, + }, + }, + }, + &api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy2", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.15", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy2"}, + }, + }, + }, + }, + ) + }, + wantPlatformIdentities: []string{"Dummy1", "Dummy2"}, + }, + { + name: "Success - Role set document found for cluster version; UpgradeableTo version ignored because it is less than cluster version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + UpgradeableTo: ptr.To(api.UpgradeableTo("4.13.40")), + }, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy1"}, + }, + }, + }, + }) + }, + wantPlatformIdentities: []string{"Dummy1"}, + }, + { + name: "Success - Role set document found for cluster version; UpgradeableTo version ignored because upgradeable minor version is equal to cluster minor version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + UpgradeableTo: ptr.To(api.UpgradeableTo("4.14.60")), + }, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{ + {OperatorName: "Dummy1"}, + }, + }, + }, + }) + }, + wantPlatformIdentities: []string{"Dummy1"}, + }, + { + name: "Failed - The role set documents listAll returns empty", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.40", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{}, + }, + }, + wantErr: "400: InvalidParameter: : No PlatformWorkloadIdentityRoleSet found for the requested or upgradeable OpenShift minor version '4.14'. Please retry with different OpenShift version, and if the issue persists, raise an Azure support ticket", + }, + { + name: "Failed - The role set documents listAll is missing the requested version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.26", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{}, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.15", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{}, + }, + }, + }) + }, + wantErr: "400: InvalidParameter: : No PlatformWorkloadIdentityRoleSet found for the requested or upgradeable OpenShift minor version '4.14'. Please retry with different OpenShift version, and if the issue persists, raise an Azure support ticket", + }, + { + name: "Failed - The role set documents listAll is missing the requested upgradeable version", + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + ClusterProfile: api.ClusterProfile{ + Version: "4.14.26", + }, + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")), + }, + }, + }, + fixture: func(f *testdatabase.Fixture) { + f.AddPlatformWorkloadIdentityRoleSetDocuments(&api.PlatformWorkloadIdentityRoleSetDocument{ + PlatformWorkloadIdentityRoleSet: &api.PlatformWorkloadIdentityRoleSet{ + Name: "Dummy1", + Properties: api.PlatformWorkloadIdentityRoleSetProperties{ + OpenShiftVersion: "4.14", + PlatformWorkloadIdentityRoles: []api.PlatformWorkloadIdentityRole{}, + }, + }, + }) + }, + wantErr: "400: InvalidParameter: : No PlatformWorkloadIdentityRoleSet found for the requested or upgradeable OpenShift minor version '4.15'. Please retry with different OpenShift version, and if the issue persists, raise an Azure support ticket", + }, + } { + ctx := context.Background() + + uuidGen := deterministicuuid.NewTestUUIDGenerator(deterministicuuid.OPENSHIFT_VERSIONS) + + dbPlatformWorkloadIdentityRoleSets, _ := testdatabase.NewFakePlatformWorkloadIdentityRoleSets(uuidGen) + + f := testdatabase.NewFixture().WithPlatformWorkloadIdentityRoleSets(dbPlatformWorkloadIdentityRoleSets, uuidGen) + + if tt.fixture != nil { + tt.fixture(f) + } + err := f.Create() + if err != nil { + t.Fatal(err) + } + + t.Run(tt.name, func(t *testing.T) { + pir := NewPlatformWorkloadIdentityRolesByVersionService() + err := pir.PopulatePlatformWorkloadIdentityRolesByVersion(ctx, tt.oc, dbPlatformWorkloadIdentityRoleSets) + utilerror.AssertErrorMessage(t, err, tt.wantErr) + + if tt.wantPlatformIdentities != nil { + platformWorkloadIdentityRolesByRoleName := pir.GetPlatformWorkloadIdentityRolesByRoleName() + for _, operatorName := range tt.wantPlatformIdentities { + _, ok := platformWorkloadIdentityRolesByRoleName[operatorName] + if !ok { + t.Fatalf("Incorrect platformWorkloadIdentityRolesByRoleName created, %s does not exist. %s", operatorName, platformWorkloadIdentityRolesByRoleName) + } + } + } + }) + } +} diff --git a/pkg/util/rbac/rbac.go b/pkg/util/rbac/rbac.go index f0face42985..2821c0a3cb0 100644 --- a/pkg/util/rbac/rbac.go +++ b/pkg/util/rbac/rbac.go @@ -12,16 +12,17 @@ import ( ) const ( - RoleACRPull = "7f951dda-4ed3-4680-a7ca-43fe172d538d" - RoleContributor = "b24988ac-6180-42a0-ab88-20f7382dd24c" - RoleDocumentDBAccountContributor = "5bd9cd88-fe45-4216-938b-f97437e15450" - RoleDocumentDBDataContributor = "00000000-0000-0000-0000-000000000002" - RoleDNSZoneContributor = "befefa01-2a29-4197-83a8-272ff33ce314" - RoleNetworkContributor = "4d97b98b-1d4f-4787-a291-c67834d212e7" - RoleOwner = "8e3af657-a8ff-443c-a75c-2fe8c4bcb635" - RoleReader = "acdd72a7-3385-48ef-bd42-f606fba81ae7" - RoleStorageBlobDataContributor = "ba92f5b4-2d11-453d-a403-e96b0029c9fe" - RoleKeyVaultSecretsOfficer = "b86a8fe4-44ce-4948-aee5-eccb2c155cd7" + RoleACRPull = "7f951dda-4ed3-4680-a7ca-43fe172d538d" + RoleContributor = "b24988ac-6180-42a0-ab88-20f7382dd24c" + RoleDocumentDBAccountContributor = "5bd9cd88-fe45-4216-938b-f97437e15450" + RoleDocumentDBDataContributor = "00000000-0000-0000-0000-000000000002" + RoleDNSZoneContributor = "befefa01-2a29-4197-83a8-272ff33ce314" + RoleNetworkContributor = "4d97b98b-1d4f-4787-a291-c67834d212e7" + RoleOwner = "8e3af657-a8ff-443c-a75c-2fe8c4bcb635" + RoleReader = "acdd72a7-3385-48ef-bd42-f606fba81ae7" + RoleStorageBlobDataContributor = "ba92f5b4-2d11-453d-a403-e96b0029c9fe" + RoleKeyVaultSecretsOfficer = "b86a8fe4-44ce-4948-aee5-eccb2c155cd7" + RoleAzureRedHatOpenShiftFederatedCredentialRole = "ef318e2a-8334-4a05-9e4a-295a196c6a6e" ) // ResourceRoleAssignment returns a Resource granting roleID on the resource of diff --git a/pkg/util/stringutils/stringutils.go b/pkg/util/stringutils/stringutils.go index 0a48c671d55..425807c77fc 100644 --- a/pkg/util/stringutils/stringutils.go +++ b/pkg/util/stringutils/stringutils.go @@ -20,3 +20,16 @@ func Contains(list []string, value string) bool { } return false } + +func GroupsIntersect(as, bs []string) (gs []string) { + for _, a := range as { + for _, b := range bs { + if a == b { + gs = append(gs, a) + break + } + } + } + + return gs +} diff --git a/pkg/util/stringutils/stringutils_test.go b/pkg/util/stringutils/stringutils_test.go index 90bcc12bdbd..cc95f84002a 100644 --- a/pkg/util/stringutils/stringutils_test.go +++ b/pkg/util/stringutils/stringutils_test.go @@ -4,6 +4,7 @@ package stringutils // Licensed under the Apache License 2.0. import ( + "reflect" "testing" ) @@ -14,3 +15,47 @@ func TestLastTokenByte(t *testing.T) { t.Errorf("want %s, got %s", want, result) } } + +func TestGroupsIntersect(t *testing.T) { + for _, tt := range []struct { + name string + as []string + bs []string + want []string + }{ + { + name: "Empty array Intersection", + as: []string{}, + bs: []string{}, + }, + { + name: "Matching array Intersection", + as: []string{"a", "b", "c"}, + bs: []string{"b", "a", "c"}, + want: []string{"a", "b", "c"}, + }, + { + name: "Partial array Intersection", + as: []string{"a", "b", "c"}, + bs: []string{"d", "e", "a"}, + want: []string{"a"}, + }, + { + name: "No array Intersection", + as: []string{"a", "b", "c"}, + bs: []string{"d", "e", "f"}, + }, + { + name: "Nil array Intersection", + as: []string{"a", "b", "c"}, + bs: nil, + }, + } { + t.Run(tt.name, func(t *testing.T) { + result := GroupsIntersect(tt.as, tt.bs) + if !reflect.DeepEqual(result, tt.want) { + t.Errorf("want %s, got %s", tt.want, result) + } + }) + } +} diff --git a/pkg/validate/dynamic/diskencryptionset.go b/pkg/validate/dynamic/diskencryptionset.go index be7fc11b918..0e01a6a474c 100644 --- a/pkg/validate/dynamic/diskencryptionset.go +++ b/pkg/validate/dynamic/diskencryptionset.go @@ -74,11 +74,14 @@ func (dv *dynamic) validateDiskEncryptionSetPermissions(ctx context.Context, des errCode = api.CloudErrorCodeInvalidServicePrincipalPermissions } - err := dv.validateActions(ctx, desr, []string{ + operatorName, err := dv.validateActions(ctx, desr, []string{ "Microsoft.Compute/diskEncryptionSets/read", }) if err == wait.ErrWaitTimeout { + if dv.authorizerType == AuthorizerWorkloadIdentity { + return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidWorkloadIdentityPermissions, path, "The %s platform managed identity does not have required permissions on disk encryption set '%s'.", *operatorName, desr.String()) + } return api.NewCloudError(http.StatusBadRequest, errCode, path, "The %s service principal does not have Reader permission on disk encryption set '%s'.", dv.authorizerType, desr.String()) } if detailedErr, ok := err.(autorest.DetailedError); ok && diff --git a/pkg/validate/dynamic/diskencryptionset_test.go b/pkg/validate/dynamic/diskencryptionset_test.go index da208e83f4b..efeb0d12c81 100644 --- a/pkg/validate/dynamic/diskencryptionset_test.go +++ b/pkg/validate/dynamic/diskencryptionset_test.go @@ -46,11 +46,14 @@ func TestValidateDiskEncryptionSets(t *testing.T) { t.Run(string(authorizerType), func(t *testing.T) { for _, tt := range []struct { - name string - oc *api.OpenShiftCluster - actionInfos []remotepdp.ActionInfo - mocks func(*mock_compute.MockDiskEncryptionSetsClient, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential, context.CancelFunc) - wantErr string + name string + oc *api.OpenShiftCluster + actionInfos []remotepdp.ActionInfo + platformIdentities []api.PlatformWorkloadIdentity + platformIdentityMap map[string][]string + mocks func(*mock_compute.MockDiskEncryptionSetsClient, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential, context.CancelFunc) + wantErr string + wantFPSPErr string }{ { name: "no disk encryption set provided", @@ -79,6 +82,57 @@ func TestValidateDiskEncryptionSets(t *testing.T) { Return(mgmtcompute.DiskEncryptionSet{Location: to.StringPtr("eastus")}, nil) }, }, + { + name: "pass - MIWI Cluster", + oc: &api.OpenShiftCluster{ + Location: "eastus", + Properties: api.OpenShiftClusterProperties{ + MasterProfile: api.MasterProfile{ + DiskEncryptionSetID: fakeDesID1, + }, + WorkerProfiles: []api.WorkerProfile{{ + DiskEncryptionSetID: fakeDesID1, + }}, + }, + }, + mocks: func(diskEncryptionSets *mock_compute.MockDiskEncryptionSetsClient, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Return(validDiskEncryptionAuthorizationDecision, nil) + diskEncryptionSets.EXPECT(). + Get(gomock.Any(), fakeDesR1.ResourceGroup, fakeDesR1.ResourceName). + Return(mgmtcompute.DiskEncryptionSet{Location: to.StringPtr("eastus")}, nil) + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + }, + { + name: "Success - MIWI Cluster - No intersecting Subnet Actions", + oc: &api.OpenShiftCluster{ + Location: "eastus", + Properties: api.OpenShiftClusterProperties{ + MasterProfile: api.MasterProfile{ + DiskEncryptionSetID: fakeDesID1, + }, + WorkerProfiles: []api.WorkerProfile{{ + DiskEncryptionSetID: fakeDesID1, + }}, + }, + }, + mocks: func(diskEncryptionSets *mock_compute.MockDiskEncryptionSetsClient, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + diskEncryptionSets.EXPECT(). + Get(gomock.Any(), fakeDesR1.ResourceGroup, fakeDesR1.ResourceName). + Return(mgmtcompute.DiskEncryptionSet{Location: to.StringPtr("eastus")}, nil) + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActionsNoIntersect, + }, + }, { name: "valid disk encryption set by enriched worker profile", oc: &api.OpenShiftCluster{ @@ -230,6 +284,34 @@ func TestValidateDiskEncryptionSets(t *testing.T) { }, wantErr: fmt.Sprintf("400: %s: properties.masterProfile.diskEncryptionSetId: The %s service principal does not have Reader permission on disk encryption set '%s'.", wantErrCode, authorizerType, fakeDesID1), }, + { + name: "Fail - MIWI Cluster - permissions don't exist on diskEncryptionSet", + oc: &api.OpenShiftCluster{ + Location: "eastus", + Properties: api.OpenShiftClusterProperties{ + MasterProfile: api.MasterProfile{ + DiskEncryptionSetID: fakeDesID1, + }, + WorkerProfiles: []api.WorkerProfile{{ + DiskEncryptionSetID: fakeDesID2, + }}, + }, + }, + mocks: func(diskEncryptionSets *mock_compute.MockDiskEncryptionSetsClient, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Do(func(arg0, arg1 interface{}) { + cancel() + }) + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + wantErr: fmt.Sprintf("400: %s: properties.masterProfile.diskEncryptionSetId: The Dummy platform managed identity does not have required permissions on disk encryption set '%s'.", api.CloudErrorCodeInvalidWorkloadIdentityPermissions, fakeDesID1), + wantFPSPErr: fmt.Sprintf("400: %s: properties.masterProfile.diskEncryptionSetId: The %s service principal does not have Reader permission on disk encryption set '%s'.", wantErrCode, authorizerType, fakeDesID1), + }, { name: "one of the disk encryption set permissions not found", oc: &api.OpenShiftCluster{ @@ -305,6 +387,7 @@ func TestValidateDiskEncryptionSets(t *testing.T) { } dv := &dynamic{ + appID: to.StringPtr("fff51942-b1f9-4119-9453-aaa922259eb7"), azEnv: &azureclient.PublicCloud, authorizerType: authorizerType, log: logrus.NewEntry(logrus.StandardLogger()), @@ -313,6 +396,16 @@ func TestValidateDiskEncryptionSets(t *testing.T) { checkAccessSubjectInfoCred: tokenCred, } + if tt.platformIdentities != nil { + dv.platformIdentities = tt.platformIdentities + dv.platformIdentitiesActionsMap = tt.platformIdentityMap + if authorizerType == AuthorizerClusterServicePrincipal { + dv.authorizerType = AuthorizerWorkloadIdentity + } else { + tt.wantErr = tt.wantFPSPErr + } + } + err := dv.ValidateDiskEncryptionSets(ctx, tt.oc) utilerror.AssertErrorMessage(t, err, tt.wantErr) }) diff --git a/pkg/validate/dynamic/dynamic.go b/pkg/validate/dynamic/dynamic.go index 3a9e343efeb..fb5f2069cdb 100644 --- a/pkg/validate/dynamic/dynamic.go +++ b/pkg/validate/dynamic/dynamic.go @@ -25,8 +25,10 @@ import ( "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/util/azureclient" "github.com/Azure/ARO-RP/pkg/util/azureclient/authz/remotepdp" + "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization" "github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/compute" "github.com/Azure/ARO-RP/pkg/util/azureclient/mgmt/network" + "github.com/Azure/ARO-RP/pkg/util/stringutils" "github.com/Azure/ARO-RP/pkg/util/token" ) @@ -36,14 +38,18 @@ var ( errMsgNSGNotAttached = "The provided subnet '%s' is invalid: must have a network security group attached." errMsgNSGNotProperlyAttached = "When the enable-preconfigured-nsg option is specified, both the master and worker subnets should have network security groups (NSG) attached to them before starting the cluster installation." errMsgSPHasNoRequiredPermissionsOnNSG = "The %s service principal (Application ID: %s) does not have Network Contributor role on network security group '%s'. This is required when the enable-preconfigured-nsg option is specified." + errMsgWIHasNoRequiredPermissionsOnNSG = "The %s platform managed identity does not have required permissions on network security group '%s'. This is required when the enable-preconfigured-nsg option is specified." errMsgSubnetNotFound = "The provided subnet '%s' could not be found." errMsgSubnetNotInSucceededState = "The provided subnet '%s' is not in a Succeeded state" errMsgSubnetInvalidSize = "The provided subnet '%s' is invalid: must be /27 or larger." errMsgSPHasNoRequiredPermissionsOnVNet = "The %s service principal (Application ID: %s) does not have Network Contributor role on vnet '%s'." + errMsgWIHasNoRequiredPermissionsOnVNet = "The %s platform managed identity does not have required permissions on vnet '%s'." errMsgVnetNotFound = "The vnet '%s' could not be found." errMsgSPHasNoRequiredPermissionsOnRT = "The %s service principal does not have Network Contributor role on route table '%s'." + errMsgWIHasNoRequiredPermissionsOnRT = "The %s platform managed identity does not have required permissions on route table '%s'." errMsgRTNotFound = "The route table '%s' could not be found." errMsgSPHasNoRequiredPermissionsOnNatGW = "The %s service principal does not have Network Contributor role on nat gateway '%s'." + errMsgWIHasNoRequiredPermissionsOnNatGW = "The %s platform managed identity does not have required permissions on nat gateway '%s'." errMsgNatGWNotFound = "The nat gateway '%s' could not be found." errMsgCIDROverlaps = "The provided CIDRs must not overlap: '%s'." errMsgInvalidVNetLocation = "The vnet location '%s' must match the cluster location '%s'." @@ -73,21 +79,23 @@ type Dynamic interface { ValidateEncryptionAtHost(ctx context.Context, oc *api.OpenShiftCluster) error ValidateLoadBalancerProfile(ctx context.Context, oc *api.OpenShiftCluster) error ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenShiftCluster, subnets []Subnet) error + ValidatePlatformWorkloadIdentityProfile(ctx context.Context, oc *api.OpenShiftCluster, platformWorkloadIdentityRolesByRoleName map[string]api.PlatformWorkloadIdentityRole, roleDefinitions armauthorization.RoleDefinitionsClient) error } type dynamic struct { log *logrus.Entry - appID string // for use when reporting an error + appID *string // for use when reporting an error authorizerType AuthorizerType // This represents the Subject for CheckAccess. Could be either FP or SP. - checkAccessSubjectInfoCred azcore.TokenCredential - env env.Interface - azEnv *azureclient.AROEnvironment + checkAccessSubjectInfoCred azcore.TokenCredential + env env.Interface + azEnv *azureclient.AROEnvironment + platformIdentities []api.PlatformWorkloadIdentity + platformIdentitiesActionsMap map[string][]string virtualNetworks virtualNetworksGetClient diskEncryptionSets compute.DiskEncryptionSetsClient resourceSkusClient compute.ResourceSkusClient - spComputeUsage compute.UsageClient spNetworkUsage network.UsageClient loadBalancerBackendAddressPoolsClient network.LoadBalancerBackendAddressPoolsClient pdpClient remotepdp.RemotePDPClient @@ -98,6 +106,7 @@ type AuthorizerType string const ( AuthorizerFirstParty AuthorizerType = "resource provider" AuthorizerClusterServicePrincipal AuthorizerType = "cluster" + AuthorizerWorkloadIdentity AuthorizerType = "workload identity" ) func NewValidator( @@ -106,7 +115,7 @@ func NewValidator( azEnv *azureclient.AROEnvironment, subscriptionID string, authorizer autorest.Authorizer, - appID string, + appID *string, authorizerType AuthorizerType, cred azcore.TokenCredential, pdpClient remotepdp.RemotePDPClient, @@ -119,7 +128,6 @@ func NewValidator( azEnv: azEnv, checkAccessSubjectInfoCred: cred, - spComputeUsage: compute.NewUsageClient(azEnv, subscriptionID, authorizer), spNetworkUsage: network.NewUsageClient(azEnv, subscriptionID, authorizer), virtualNetworks: newVirtualNetworksCache( network.NewVirtualNetworksClient(azEnv, subscriptionID, authorizer), @@ -212,7 +220,7 @@ func (dv *dynamic) validateVnetPermissions(ctx context.Context, vnet azure.Resou errCode = api.CloudErrorCodeInvalidServicePrincipalPermissions } - err := dv.validateActions(ctx, &vnet, []string{ + operatorName, err := dv.validateActions(ctx, &vnet, []string{ "Microsoft.Network/virtualNetworks/join/action", "Microsoft.Network/virtualNetworks/read", "Microsoft.Network/virtualNetworks/write", @@ -221,15 +229,29 @@ func (dv *dynamic) validateVnetPermissions(ctx context.Context, vnet azure.Resou "Microsoft.Network/virtualNetworks/subnets/write", }) - noPermissionsErr := api.NewCloudError( - http.StatusBadRequest, - errCode, - "", - errMsgSPHasNoRequiredPermissionsOnVNet, - dv.authorizerType, - dv.appID, - vnet.String(), - ) + var noPermissionsErr *api.CloudError + if err != nil { + if dv.authorizerType == AuthorizerWorkloadIdentity { + noPermissionsErr = api.NewCloudError( + http.StatusBadRequest, + api.CloudErrorCodeInvalidWorkloadIdentityPermissions, + "", + errMsgWIHasNoRequiredPermissionsOnVNet, + *operatorName, + vnet.String(), + ) + } else { + noPermissionsErr = api.NewCloudError( + http.StatusBadRequest, + errCode, + "", + errMsgSPHasNoRequiredPermissionsOnVNet, + dv.authorizerType, + *dv.appID, + vnet.String(), + ) + } + } if err == wait.ErrWaitTimeout { return noPermissionsErr @@ -292,12 +314,22 @@ func (dv *dynamic) validateRouteTablePermissions(ctx context.Context, s Subnet) errCode = api.CloudErrorCodeInvalidServicePrincipalPermissions } - err = dv.validateActions(ctx, &rtr, []string{ + operatorName, err := dv.validateActions(ctx, &rtr, []string{ "Microsoft.Network/routeTables/join/action", "Microsoft.Network/routeTables/read", "Microsoft.Network/routeTables/write", }) if err == wait.ErrWaitTimeout { + if dv.authorizerType == AuthorizerWorkloadIdentity { + return api.NewCloudError( + http.StatusBadRequest, + api.CloudErrorCodeInvalidWorkloadIdentityPermissions, + "", + errMsgWIHasNoRequiredPermissionsOnRT, + *operatorName, + rtID, + ) + } return api.NewCloudError( http.StatusBadRequest, errCode, @@ -358,12 +390,22 @@ func (dv *dynamic) validateNatGatewayPermissions(ctx context.Context, s Subnet) errCode = api.CloudErrorCodeInvalidServicePrincipalPermissions } - err = dv.validateActions(ctx, &ngr, []string{ + operatorName, err := dv.validateActions(ctx, &ngr, []string{ "Microsoft.Network/natGateways/join/action", "Microsoft.Network/natGateways/read", "Microsoft.Network/natGateways/write", }) if err == wait.ErrWaitTimeout { + if dv.authorizerType == AuthorizerWorkloadIdentity { + return api.NewCloudError( + http.StatusBadRequest, + api.CloudErrorCodeInvalidWorkloadIdentityPermissions, + "", + errMsgWIHasNoRequiredPermissionsOnNatGW, + *operatorName, + ngID, + ) + } return api.NewCloudError( http.StatusBadRequest, errCode, @@ -386,12 +428,13 @@ func (dv *dynamic) validateNatGatewayPermissions(ctx context.Context, s Subnet) return err } -func (dv *dynamic) validateActions(ctx context.Context, r *azure.Resource, actions []string) error { +// validateActionsByOID creates a closure with oid(nil in case of Non-MIWI) to call usingCheckAccessV2 for checking SP/MI has actions allowed on a resource +func (dv *dynamic) validateActionsByOID(ctx context.Context, r *azure.Resource, actions []string, oid *string) error { // ARM has a 5 minute cache around role assignment creation, so wait one minute longer timeoutCtx, cancel := context.WithTimeout(ctx, 6*time.Minute) defer cancel() - c := closure{dv: dv, ctx: ctx, resource: r, actions: actions} + c := closure{dv: dv, ctx: ctx, resource: r, actions: actions, oid: oid} return wait.PollImmediateUntil(30*time.Second, c.usingCheckAccessV2, timeoutCtx.Done()) } @@ -438,21 +481,22 @@ func (c closure) usingCheckAccessV2() (bool, error) { return false, nil } + actionsToFind := map[string]struct{}{} for _, action := range c.actions { - found := false - for _, result := range results.Value { - if result.ActionId == action { - found = true - if result.AccessDecision == remotepdp.Allowed { - break - } + actionsToFind[action] = struct{}{} + } + for _, result := range results.Value { + _, ok := actionsToFind[result.ActionId] + if ok { + delete(actionsToFind, result.ActionId) + if result.AccessDecision != remotepdp.Allowed { return false, nil } } - if !found { - c.dv.log.Infof("The result didn't include permission %s", action) - return false, nil - } + } + if len(actionsToFind) > 0 { + c.dv.log.Infof("The result didn't include permissions %v for object ID: %s", actionsToFind, *c.oid) + return false, nil } return true, nil @@ -781,13 +825,32 @@ func (dv *dynamic) ValidatePreConfiguredNSGs(ctx context.Context, oc *api.OpenSh return nil } +// validateActions calls validateActionsByOID with object ID in case of MIWI cluster otherwise without object ID +func (dv *dynamic) validateActions(ctx context.Context, r *azure.Resource, actions []string) (*string, error) { + if dv.platformIdentities != nil { + for _, platformIdentity := range dv.platformIdentities { + actionsToValidate := stringutils.GroupsIntersect(actions, dv.platformIdentitiesActionsMap[platformIdentity.OperatorName]) + if len(actionsToValidate) > 0 { + if err := dv.validateActionsByOID(ctx, r, actionsToValidate, &platformIdentity.ObjectID); err != nil { + return &platformIdentity.OperatorName, err + } + } + } + } else { + if err := dv.validateActionsByOID(ctx, r, actions, nil); err != nil { + return nil, err + } + } + return nil, nil +} + func (dv *dynamic) validateNSGPermissions(ctx context.Context, nsgID string) error { nsg, err := azure.ParseResourceID(nsgID) if err != nil { return err } - err = dv.validateActions(ctx, &nsg, []string{ + operatorName, err := dv.validateActions(ctx, &nsg, []string{ "Microsoft.Network/networkSecurityGroups/join/action", }) @@ -795,6 +858,15 @@ func (dv *dynamic) validateNSGPermissions(ctx context.Context, nsgID string) err errCode := api.CloudErrorCodeInvalidResourceProviderPermissions if dv.authorizerType == AuthorizerClusterServicePrincipal { errCode = api.CloudErrorCodeInvalidServicePrincipalPermissions + } else if dv.authorizerType == AuthorizerWorkloadIdentity { + return api.NewCloudError( + http.StatusBadRequest, + api.CloudErrorCodeInvalidWorkloadIdentityPermissions, + "", + errMsgWIHasNoRequiredPermissionsOnNSG, + *operatorName, + nsgID, + ) } return api.NewCloudError( http.StatusBadRequest, @@ -802,7 +874,7 @@ func (dv *dynamic) validateNSGPermissions(ctx context.Context, nsgID string) err "", errMsgSPHasNoRequiredPermissionsOnNSG, dv.authorizerType, - dv.appID, + *dv.appID, nsgID, ) } diff --git a/pkg/validate/dynamic/dynamic_test.go b/pkg/validate/dynamic/dynamic_test.go index 540b9a2645c..0e898b98d3b 100644 --- a/pkg/validate/dynamic/dynamic_test.go +++ b/pkg/validate/dynamic/dynamic_test.go @@ -23,6 +23,7 @@ import ( mock_remotepdp "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/authz/remotepdp" mock_azcore "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/azuresdk/azcore" mock_network "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/mgmt/network" + "github.com/Azure/ARO-RP/pkg/util/uuid" utilerror "github.com/Azure/ARO-RP/test/util/error" ) @@ -42,6 +43,9 @@ var ( workerNgID = resourceGroupID + "/providers/Microsoft.Network/natGateways/workerNg" masterNSGv1 = resourceGroupID + "/providers/Microsoft.Network/networkSecurityGroups/aro-controlplane-nsg" workerNSGv1 = resourceGroupID + "/providers/Microsoft.Network/networkSecurityGroups/aro-node-nsg" + platformIdentity1 = resourceGroupID + "/providers/Microsoft.ManagedIdentity/userAssignedIdentities/miwi-platform-identity" + dummyClientId = uuid.DefaultGenerator.Generate() + dummyObjectId = uuid.DefaultGenerator.Generate() ) func TestGetRouteTableID(t *testing.T) { @@ -601,6 +605,24 @@ var mockAccessToken = azcore.AccessToken{ } var ( + platformIdentity1SubnetActions = []string{ + "Microsoft.Network/virtualNetworks/read", + "Microsoft.Network/routeTables/write", + "Microsoft.Network/natGateways/read", + "Microsoft.Network/networkSecurityGroups/join/action", + "Microsoft.Compute/diskEncryptionSets/read", + } + platformIdentity1SubnetActionsNoIntersect = []string{ + "Microsoft.Network/virtualNetworks/nointersect/nointersect", + } + platformIdentities = []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy", + ResourceID: platformIdentity1, + ClientID: dummyClientId, + ObjectID: dummyObjectId, + }, + } validSubnetsAuthorizationDecisions = remotepdp.AuthorizationDecisionResponse{ Value: []remotepdp.AuthorizationDecision{ { @@ -697,9 +719,11 @@ func TestValidateVnetPermissions(t *testing.T) { ctx := context.Background() for _, tt := range []struct { - name string - mocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) - wantErr string + name string + platformIdentities []api.PlatformWorkloadIdentity + platformIdentityMap map[string][]string + mocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) + wantErr string }{ { name: "pass", @@ -710,6 +734,29 @@ func TestValidateVnetPermissions(t *testing.T) { Return(&validSubnetsAuthorizationDecisions, nil) }, }, + { + name: "pass - MIWI Cluster", + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + mocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, _ context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Return(&validSubnetsAuthorizationDecisions, nil) + }, + }, + { + name: "Success - MIWI Cluster - No intersecting Subnet Actions", + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActionsNoIntersect, + }, + mocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, _ context.CancelFunc) { + mockTokenCredential(tokenCred) + }, + }, { name: "fail: missing permissions", mocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { @@ -723,6 +770,23 @@ func TestValidateVnetPermissions(t *testing.T) { }, wantErr: "400: InvalidServicePrincipalPermissions: : The cluster service principal (Application ID: fff51942-b1f9-4119-9453-aaa922259eb7) does not have Network Contributor role on vnet '" + vnetID + "'.", }, + { + name: "Fail - MIWI Cluster - missing permissions", + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + mocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Do(func(arg0, arg1 interface{}) { + cancel() + }). + Return(&invalidSubnetsAuthorizationDecisionsReadNotAllowed, nil) + }, + wantErr: "400: InvalidWorkloadIdentityPermissions: : The Dummy platform managed identity does not have required permissions on vnet '/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/testGroup/providers/Microsoft.Network/virtualNetworks/testVnet'.", + }, { name: "fail: CheckAccess Return less entries than requested", mocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { @@ -785,13 +849,19 @@ func TestValidateVnetPermissions(t *testing.T) { dv := &dynamic{ azEnv: &azureclient.PublicCloud, - appID: "fff51942-b1f9-4119-9453-aaa922259eb7", + appID: to.StringPtr("fff51942-b1f9-4119-9453-aaa922259eb7"), authorizerType: AuthorizerClusterServicePrincipal, log: logrus.NewEntry(logrus.StandardLogger()), pdpClient: pdpClient, checkAccessSubjectInfoCred: tokenCred, } + if tt.platformIdentities != nil { + dv.platformIdentities = tt.platformIdentities + dv.platformIdentitiesActionsMap = tt.platformIdentityMap + dv.authorizerType = AuthorizerWorkloadIdentity + } + vnetr, err := azure.ParseResourceID(vnetID) if err != nil { t.Fatal(err) @@ -855,11 +925,13 @@ func TestValidateRouteTablesPermissions(t *testing.T) { ctx := context.Background() for _, tt := range []struct { - name string - subnet Subnet - pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) - vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) - wantErr string + name string + subnet Subnet + platformIdentities []api.PlatformWorkloadIdentity + platformIdentityMap map[string][]string + pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) + vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) + wantErr string }{ { name: "fail: failed to get vnet", @@ -923,6 +995,29 @@ func TestValidateRouteTablesPermissions(t *testing.T) { }, wantErr: "400: InvalidServicePrincipalPermissions: : The cluster service principal does not have Network Contributor role on route table '" + workerRtID + "'.", }, + { + name: "Fail - MIWI Cluster - permissions don't exist", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Do(func(arg0, arg1 interface{}) { + cancel() + }). + Return(&invalidRouteTablesAuthorizationDecisionsWriteNotAllowed, nil) + }, + wantErr: "400: InvalidWorkloadIdentityPermissions: : The Dummy platform managed identity does not have required permissions on route table '" + workerRtID + "'.", + }, { name: "fail: CheckAccessV2 doesn't return all the entries", subnet: Subnet{ID: workerSubnet}, @@ -957,6 +1052,41 @@ func TestValidateRouteTablesPermissions(t *testing.T) { Return(&validRouteTablesAuthorizationDecisions, nil) }, }, + { + name: "pass - MIWI Cluster", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Return(&validRouteTablesAuthorizationDecisions, nil) + }, + }, + { + name: "Success - MIWI Cluster - No intersecting Subnet Actions", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActionsNoIntersect, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + }, + }, } { t.Run(tt.name, func(t *testing.T) { controller := gomock.NewController(t) @@ -996,6 +1126,7 @@ func TestValidateRouteTablesPermissions(t *testing.T) { } dv := &dynamic{ + appID: to.StringPtr("fff51942-b1f9-4119-9453-aaa922259eb7"), azEnv: &azureclient.PublicCloud, authorizerType: AuthorizerClusterServicePrincipal, log: logrus.NewEntry(logrus.StandardLogger()), @@ -1012,6 +1143,12 @@ func TestValidateRouteTablesPermissions(t *testing.T) { tt.vnetMocks(vnetClient, *vnet) } + if tt.platformIdentities != nil { + dv.platformIdentities = tt.platformIdentities + dv.platformIdentitiesActionsMap = tt.platformIdentityMap + dv.authorizerType = AuthorizerWorkloadIdentity + } + err := dv.validateRouteTablePermissions(ctx, tt.subnet) utilerror.AssertErrorMessage(t, err, tt.wantErr) }) @@ -1070,11 +1207,13 @@ func TestValidateNatGatewaysPermissions(t *testing.T) { ctx := context.Background() for _, tt := range []struct { - name string - subnet Subnet - pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) - vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) - wantErr string + name string + subnet Subnet + platformIdentities []api.PlatformWorkloadIdentity + platformIdentityMap map[string][]string + pdpClientMocks func(*mock_azcore.MockTokenCredential, *mock_remotepdp.MockRemotePDPClient, context.CancelFunc) + vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) + wantErr string }{ { name: "fail: failed to get vnet", @@ -1128,6 +1267,30 @@ func TestValidateNatGatewaysPermissions(t *testing.T) { }, wantErr: "400: InvalidServicePrincipalPermissions: : The cluster service principal does not have Network Contributor role on nat gateway '" + workerNgID + "'.", }, + { + name: "Fail - MIWI Cluster - permissions don't exist", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient. + EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Do(func(arg0, arg1 interface{}) { + cancel() + }). + Return(&invalidNatGWAuthorizationDecisionsReadNotAllowed, nil) + }, + wantErr: "400: InvalidWorkloadIdentityPermissions: : The Dummy platform managed identity does not have required permissions on nat gateway '" + workerNgID + "'.", + }, { name: "fail: CheckAccessV2 doesn't return all permissions", subnet: Subnet{ID: workerSubnet}, @@ -1163,6 +1326,41 @@ func TestValidateNatGatewaysPermissions(t *testing.T) { Return(&validNatGWAuthorizationDecision, nil) }, }, + { + name: "pass - MIWI Cluster", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT(). + CheckAccess(gomock.Any(), gomock.Any()). + Return(&validNatGWAuthorizationDecision, nil) + }, + }, + { + name: "Success - MIWI Cluster - No intersecting Subnet Actions", + subnet: Subnet{ID: workerSubnet}, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActionsNoIntersect, + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + Return(vnet, nil) + }, + pdpClientMocks: func(tokenCred *mock_azcore.MockTokenCredential, pdpClient *mock_remotepdp.MockRemotePDPClient, cancel context.CancelFunc) { + mockTokenCredential(tokenCred) + }, + }, { name: "pass: no nat gateway to check", subnet: Subnet{ID: masterSubnet}, @@ -1213,6 +1411,7 @@ func TestValidateNatGatewaysPermissions(t *testing.T) { } dv := &dynamic{ + appID: to.StringPtr("fff51942-b1f9-4119-9453-aaa922259eb7"), azEnv: &azureclient.PublicCloud, authorizerType: AuthorizerClusterServicePrincipal, log: logrus.NewEntry(logrus.StandardLogger()), @@ -1229,6 +1428,12 @@ func TestValidateNatGatewaysPermissions(t *testing.T) { tt.vnetMocks(vnetClient, *vnet) } + if tt.platformIdentities != nil { + dv.platformIdentities = tt.platformIdentities + dv.platformIdentitiesActionsMap = tt.platformIdentityMap + dv.authorizerType = AuthorizerWorkloadIdentity + } + err := dv.validateNatGatewayPermissions(ctx, tt.subnet) utilerror.AssertErrorMessage(t, err, tt.wantErr) }) @@ -1308,11 +1513,13 @@ var ( func TestValidatePreconfiguredNSGPermissions(t *testing.T) { ctx := context.Background() for _, tt := range []struct { - name string - modifyOC func(*api.OpenShiftCluster) - checkAccessMocks func(context.CancelFunc, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential) - vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) - wantErr string + name string + modifyOC func(*api.OpenShiftCluster) + platformIdentities []api.PlatformWorkloadIdentity + platformIdentityMap map[string][]string + checkAccessMocks func(context.CancelFunc, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential) + vnetMocks func(*mock_network.MockVirtualNetworksClient, mgmtnetwork.VirtualNetwork) + wantErr string }{ { name: "pass: skip when preconfiguredNSG is not enabled", @@ -1348,6 +1555,38 @@ func TestValidatePreconfiguredNSGPermissions(t *testing.T) { }, wantErr: "400: InvalidServicePrincipalPermissions: : The cluster service principal (Application ID: fff51942-b1f9-4119-9453-aaa922259eb7) does not have Network Contributor role on network security group '/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/testGroup/providers/Microsoft.Network/networkSecurityGroups/aro-node-nsg'. This is required when the enable-preconfigured-nsg option is specified.", }, + { + name: "Fail - MIWI Cluster - permissions don't exist on all nsg", + modifyOC: func(oc *api.OpenShiftCluster) { + oc.Properties.NetworkProfile.PreconfiguredNSG = api.PreconfiguredNSGEnabled + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + AnyTimes(). + Return(vnet, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT().CheckAccess(gomock.Any(), gomock.Any()). + DoAndReturn(func(_ context.Context, authReq remotepdp.AuthorizationRequest) (*remotepdp.AuthorizationDecisionResponse, error) { + cancel() // wait.PollImmediateUntil will always be invoked at least once + switch authReq.Resource.Id { + case masterNSGv1: + return &canJoinNSG, nil + case workerNSGv1: + return &cannotJoinNSG, nil + } + return &cannotJoinNSG, nil + }, + ).AnyTimes() + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + wantErr: "400: InvalidWorkloadIdentityPermissions: : The Dummy platform managed identity does not have required permissions on network security group '/subscriptions/0000000-0000-0000-0000-000000000000/resourceGroups/testGroup/providers/Microsoft.Network/networkSecurityGroups/aro-node-nsg'. This is required when the enable-preconfigured-nsg option is specified.", + }, { name: "pass: sp has the required permission on the NSG", modifyOC: func(oc *api.OpenShiftCluster) { @@ -1369,6 +1608,56 @@ func TestValidatePreconfiguredNSGPermissions(t *testing.T) { AnyTimes() }, }, + { + name: "pass - MIWI Cluster", + modifyOC: func(oc *api.OpenShiftCluster) { + oc.Properties.NetworkProfile.PreconfiguredNSG = api.PreconfiguredNSGEnabled + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + AnyTimes(). + Return(vnet, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT().CheckAccess(gomock.Any(), gomock.Any()). + Do(func(_, _ interface{}) { + cancel() + }). + Return(&canJoinNSG, nil). + AnyTimes() + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActions, + }, + }, + { + name: "Success - MIWI Cluster - No intersecting Subnet Actions", + modifyOC: func(oc *api.OpenShiftCluster) { + oc.Properties.NetworkProfile.PreconfiguredNSG = api.PreconfiguredNSGEnabled + }, + vnetMocks: func(vnetClient *mock_network.MockVirtualNetworksClient, vnet mgmtnetwork.VirtualNetwork) { + vnetClient.EXPECT(). + Get(gomock.Any(), resourceGroupName, vnetName, ""). + AnyTimes(). + Return(vnet, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + pdpClient.EXPECT().CheckAccess(gomock.Any(), gomock.Any()). + Do(func(_, _ interface{}) { + cancel() + }). + Return(&canJoinNSG, nil). + AnyTimes() + }, + platformIdentities: platformIdentities, + platformIdentityMap: map[string][]string{ + "Dummy": platformIdentity1SubnetActionsNoIntersect, + }, + }, } { t.Run(tt.name, func(t *testing.T) { controller := gomock.NewController(t) @@ -1431,7 +1720,7 @@ func TestValidatePreconfiguredNSGPermissions(t *testing.T) { dv := &dynamic{ azEnv: &azureclient.PublicCloud, - appID: "fff51942-b1f9-4119-9453-aaa922259eb7", + appID: to.StringPtr("fff51942-b1f9-4119-9453-aaa922259eb7"), authorizerType: AuthorizerClusterServicePrincipal, virtualNetworks: vnetClient, pdpClient: pdpClient, @@ -1448,6 +1737,12 @@ func TestValidatePreconfiguredNSGPermissions(t *testing.T) { }, } + if tt.platformIdentities != nil { + dv.platformIdentities = tt.platformIdentities + dv.platformIdentitiesActionsMap = tt.platformIdentityMap + dv.authorizerType = AuthorizerWorkloadIdentity + } + err := dv.ValidatePreConfiguredNSGs(ctx, oc, subnets) utilerror.AssertErrorMessage(t, err, tt.wantErr) }) diff --git a/pkg/validate/dynamic/platformworkloadidentityprofile.go b/pkg/validate/dynamic/platformworkloadidentityprofile.go new file mode 100644 index 00000000000..c1674e6b3ac --- /dev/null +++ b/pkg/validate/dynamic/platformworkloadidentityprofile.go @@ -0,0 +1,132 @@ +package dynamic + +import ( + "context" + "fmt" + "net/http" + + sdkauthorization "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3" + "github.com/Azure/go-autorest/autorest/azure" + + "github.com/Azure/ARO-RP/pkg/api" + "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization" + "github.com/Azure/ARO-RP/pkg/util/rbac" + "github.com/Azure/ARO-RP/pkg/util/version" +) + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +func (dv *dynamic) ValidatePlatformWorkloadIdentityProfile(ctx context.Context, oc *api.OpenShiftCluster, platformWorkloadIdentityRolesByRoleName map[string]api.PlatformWorkloadIdentityRole, roleDefinitions armauthorization.RoleDefinitionsClient) error { + dv.log.Print("ValidatePlatformWorkloadIdentityProfile") + + dv.platformIdentitiesActionsMap = map[string][]string{} + dv.platformIdentities = []api.PlatformWorkloadIdentity{} + + for _, pwi := range oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities { + _, ok := platformWorkloadIdentityRolesByRoleName[pwi.OperatorName] + if ok { + dv.platformIdentitiesActionsMap[pwi.OperatorName] = nil + dv.platformIdentities = append(dv.platformIdentities, pwi) + } + } + + // Check if any required platform identity is missing + if len(dv.platformIdentities) != len(platformWorkloadIdentityRolesByRoleName) { + requiredOperatorIdentities := []string{} + for _, role := range platformWorkloadIdentityRolesByRoleName { + requiredOperatorIdentities = append(requiredOperatorIdentities, role.OperatorName) + } + currentOpenShiftVersion, err := version.ParseVersion(oc.Properties.ClusterProfile.Version) + if err != nil { + return err + } + currentMinorVersion := currentOpenShiftVersion.MinorVersion() + v := currentMinorVersion + if oc.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo != nil { + upgradeableVersion, err := version.ParseVersion(string(*oc.Properties.PlatformWorkloadIdentityProfile.UpgradeableTo)) + if err != nil { + return err + } + upgradeableMinorVersion := upgradeableVersion.MinorVersion() + if currentMinorVersion != upgradeableMinorVersion && currentOpenShiftVersion.Lt(upgradeableVersion) { + v = fmt.Sprintf("%s or %s", v, upgradeableMinorVersion) + } + } + return api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodePlatformWorkloadIdentityMismatch, + "properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities", "There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s'. The required platform workload identities are '%v'", v, requiredOperatorIdentities) + } + + err := dv.validateClusterMSI(ctx, oc, roleDefinitions) + if err != nil { + return err + } + + for _, role := range platformWorkloadIdentityRolesByRoleName { + actions, err := getActionsForRoleDefinition(ctx, role.RoleDefinitionID, roleDefinitions) + if err != nil { + return err + } + + dv.platformIdentitiesActionsMap[role.OperatorName] = actions + } + + return nil +} + +func (dv *dynamic) validateClusterMSI(ctx context.Context, oc *api.OpenShiftCluster, roleDefinitions armauthorization.RoleDefinitionsClient) error { + for resourceID, identity := range oc.Identity.UserAssignedIdentities { + _, err := azure.ParseResourceID(resourceID) + if err != nil { + return err + } + + return dv.validateClusterMSIPermissions(ctx, identity.PrincipalID, oc.Properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities, roleDefinitions) + } + + return nil +} + +// Validate that the cluster MSI has all permissions specified in AzureRedHatOpenShiftFederatedCredentialRole over each platform managed identity +func (dv *dynamic) validateClusterMSIPermissions(ctx context.Context, oid string, platformIdentities []api.PlatformWorkloadIdentity, roleDefinitions armauthorization.RoleDefinitionsClient) error { + actions, err := getActionsForRoleDefinition(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, roleDefinitions) + if err != nil { + return err + } + + for _, platformIdentity := range platformIdentities { + dv.log.Printf("validateClusterMSIPermissions for %s", platformIdentity.OperatorName) + pid, err := azure.ParseResourceID(platformIdentity.ResourceID) + if err != nil { + return err + } + + err = dv.validateActionsByOID(ctx, &pid, actions, &oid) + if err != nil { + return err + } + } + return nil +} + +func getActionsForRoleDefinition(ctx context.Context, roleDefinitionID string, roleDefinitions armauthorization.RoleDefinitionsClient) ([]string, error) { + definition, err := roleDefinitions.GetByID(ctx, roleDefinitionID, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}) + if err != nil { + return nil, err + } + + if len(definition.RoleDefinition.Properties.Permissions) == 0 { + return nil, api.NewCloudError(http.StatusInternalServerError, api.CloudErrorCodeInternalServerError, + "", "Internal server error.") + } + + actions := []string{} + for _, action := range definition.RoleDefinition.Properties.Permissions[0].Actions { + actions = append(actions, *action) + } + + for _, dataAction := range definition.RoleDefinition.Properties.Permissions[0].DataActions { + actions = append(actions, *dataAction) + } + return actions, nil +} diff --git a/pkg/validate/dynamic/platformworkloadidentityprofile_test.go b/pkg/validate/dynamic/platformworkloadidentityprofile_test.go new file mode 100644 index 00000000000..dcaafaca021 --- /dev/null +++ b/pkg/validate/dynamic/platformworkloadidentityprofile_test.go @@ -0,0 +1,587 @@ +package dynamic + +// Copyright (c) Microsoft Corporation. +// Licensed under the Apache License 2.0. + +import ( + "context" + "errors" + "fmt" + "reflect" + "testing" + + sdkauthorization "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3" + "github.com/golang/mock/gomock" + "github.com/sirupsen/logrus" + "k8s.io/utils/ptr" + + "github.com/Azure/ARO-RP/pkg/api" + "github.com/Azure/ARO-RP/pkg/util/azureclient/authz/remotepdp" + mock_remotepdp "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/authz/remotepdp" + mock_armauthorization "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/azuresdk/armauthorization" + mock_azcore "github.com/Azure/ARO-RP/pkg/util/mocks/azureclient/azuresdk/azcore" + mock_env "github.com/Azure/ARO-RP/pkg/util/mocks/env" + "github.com/Azure/ARO-RP/pkg/util/pointerutils" + "github.com/Azure/ARO-RP/pkg/util/rbac" + "github.com/Azure/ARO-RP/pkg/util/uuid" + utilerror "github.com/Azure/ARO-RP/test/util/error" +) + +var ( + msiAllowedActions = remotepdp.AuthorizationDecisionResponse{ + Value: []remotepdp.AuthorizationDecision{ + { + ActionId: "FakeMSIAction1", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIAction2", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIDataAction1", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIDataAction2", + AccessDecision: remotepdp.Allowed, + }, + }, + } + + msiNotAllowedActions = remotepdp.AuthorizationDecisionResponse{ + Value: []remotepdp.AuthorizationDecision{ + { + ActionId: "FakeMSIAction1", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIAction2", + AccessDecision: remotepdp.Denied, + }, + { + ActionId: "FakeMSIDataAction1", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIDataAction2", + AccessDecision: remotepdp.Allowed, + }, + }, + } + + msiActionMissing = remotepdp.AuthorizationDecisionResponse{ + Value: []remotepdp.AuthorizationDecision{ + { + ActionId: "FakeMSIAction1", + AccessDecision: remotepdp.Allowed, + }, + { + ActionId: "FakeMSIAction2", + AccessDecision: remotepdp.Denied, + }, + { + ActionId: "FakeMSIDataAction2", + AccessDecision: remotepdp.Allowed, + }, + }, + } + + msiRequiredPermissions = sdkauthorization.RoleDefinitionsClientGetByIDResponse{ + RoleDefinition: sdkauthorization.RoleDefinition{ + Properties: &sdkauthorization.RoleDefinitionProperties{ + Permissions: []*sdkauthorization.Permission{ + { + Actions: []*string{ + pointerutils.ToPtr("FakeMSIAction1"), + pointerutils.ToPtr("FakeMSIAction2"), + }, + DataActions: []*string{ + pointerutils.ToPtr("FakeMSIDataAction1"), + pointerutils.ToPtr("FakeMSIDataAction2"), + }, + }, + }, + }, + }, + } + msiRequiredPermissionsList = []string{"FakeMSIAction1", "FakeMSIAction2", "FakeMSIDataAction1", "FakeMSIDataAction2"} + + platformIdentityRequiredPermissions = sdkauthorization.RoleDefinitionsClientGetByIDResponse{ + RoleDefinition: sdkauthorization.RoleDefinition{ + Properties: &sdkauthorization.RoleDefinitionProperties{ + Permissions: []*sdkauthorization.Permission{ + { + Actions: []*string{ + pointerutils.ToPtr("FakeAction1"), + pointerutils.ToPtr("FakeAction2"), + }, + DataActions: []*string{ + pointerutils.ToPtr("FakeDataAction1"), + pointerutils.ToPtr("FakeDataAction2"), + }, + }, + }, + }, + }, + } + + platformIdentityRequiredPermissionsList = []string{"FakeAction1", "FakeAction2", "FakeDataAction1", "FakeDataAction2"} +) + +func TestValidatePlatformWorkloadIdentityProfile(t *testing.T) { + ctx, cancel := context.WithCancel(context.Background()) + defer cancel() + msiResourceID := resourceGroupID + "/providers/Microsoft.ManagedIdentity/userAssignedIdentities/miwi-msi-resource" + dummyClientId := uuid.DefaultGenerator.Generate() + dummyObjectId := uuid.DefaultGenerator.Generate() + platformWorkloadIdentities := []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy2", + ResourceID: platformIdentity1, + }, + { + OperatorName: "Dummy1", + ResourceID: platformIdentity1, + }, + } + desiredPlatformWorkloadIdentities := []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy1", + ResourceID: platformIdentity1, + }, + } + desiredPlatformWorkloadIdentitiesMap := map[string]api.PlatformWorkloadIdentityRole{ + "Dummy1": { + OperatorName: "Dummy1", + }, + } + clusterMSI := api.UserAssignedIdentities{ + msiResourceID: api.ClusterUserAssignedIdentity{ + ClientID: dummyClientId, + PrincipalID: dummyObjectId, + }, + } + validRolesForVersion := map[string]api.PlatformWorkloadIdentityRole{ + "Dummy1": { + OperatorName: "Dummy1", + }, + } + openShiftVersion := "4.14.40" + + for _, tt := range []struct { + name string + platformIdentityRoles map[string]api.PlatformWorkloadIdentityRole + oc *api.OpenShiftCluster + mocks func(*mock_armauthorization.MockRoleDefinitionsClient) + wantPlatformIdentities []api.PlatformWorkloadIdentity + wantPlatformIdentitiesActionsMap map[string][]string + checkAccessMocks func(context.CancelFunc, *mock_remotepdp.MockRemotePDPClient, *mock_azcore.MockTokenCredential) + wantErr string + }{ + { + name: "Success - Validation for the OC doc for PlatformWorkloadIdentityProfile", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy1", + ResourceID: platformIdentity1, + }, + }, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Return(&msiAllowedActions, nil).AnyTimes() + }, + wantPlatformIdentities: desiredPlatformWorkloadIdentities, + wantPlatformIdentitiesActionsMap: map[string][]string{ + "Dummy1": platformIdentityRequiredPermissionsList, + }, + }, + { + name: "Success - UpgradeableTo is provided", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")), + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Return(&msiAllowedActions, nil).AnyTimes() + }, + wantPlatformIdentities: []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy1", + ResourceID: platformIdentity1, + }, + }, + wantPlatformIdentitiesActionsMap: map[string][]string{ + "Dummy1": platformIdentityRequiredPermissionsList, + }, + }, + { + name: "Success - Mismatch between desired and provided platform Identities - desired are fulfilled", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Return(&msiAllowedActions, nil).AnyTimes() + }, + wantPlatformIdentities: desiredPlatformWorkloadIdentities, + wantPlatformIdentitiesActionsMap: map[string][]string{ + "Dummy1": platformIdentityRequiredPermissionsList, + }, + }, + { + name: "Fail - UpgradeableTo is provided, but desired identities are not fulfilled", + platformIdentityRoles: map[string]api.PlatformWorkloadIdentityRole{ + "Dummy3": { + OperatorName: "Dummy3", + }, + }, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + UpgradeableTo: ptr.To(api.UpgradeableTo("4.15.40")), + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + wantErr: fmt.Sprintf("400: %s: properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities: There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s or %s'. The required platform workload identities are '[Dummy3]'", api.CloudErrorCodePlatformWorkloadIdentityMismatch, "4.14", "4.15"), + }, + { + name: "Fail - UpgradeableTo is provided(ignored because minor version is equal to cluster minor version), but desired identities are not fulfilled", + platformIdentityRoles: map[string]api.PlatformWorkloadIdentityRole{ + "Dummy3": { + OperatorName: "Dummy3", + }, + }, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + UpgradeableTo: ptr.To(api.UpgradeableTo("4.14.60")), + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + wantErr: fmt.Sprintf("400: %s: properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities: There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s'. The required platform workload identities are '[Dummy3]'", api.CloudErrorCodePlatformWorkloadIdentityMismatch, "4.14"), + }, + { + name: "Fail - UpgradeableTo is provided(ignored because upgradeable version is smaller than cluster version), but desired identities are not fulfilled", + platformIdentityRoles: map[string]api.PlatformWorkloadIdentityRole{ + "Dummy3": { + OperatorName: "Dummy3", + }, + }, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + UpgradeableTo: ptr.To(api.UpgradeableTo("4.13.60")), + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + wantErr: fmt.Sprintf("400: %s: properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities: There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s'. The required platform workload identities are '[Dummy3]'", api.CloudErrorCodePlatformWorkloadIdentityMismatch, "4.14"), + }, + { + name: "Fail - Mismatch between desired and provided platform Identities - count mismatch 2", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{}, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + wantErr: fmt.Sprintf("400: %s: properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities: There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s'. The required platform workload identities are '[Dummy1]'", api.CloudErrorCodePlatformWorkloadIdentityMismatch, "4.14"), + }, + { + name: "Fail - Mismatch between desired and provided platform Identities - different operators", + platformIdentityRoles: desiredPlatformWorkloadIdentitiesMap, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy2", + ResourceID: platformIdentity1, + }, + { + OperatorName: "Dummy3", + ResourceID: platformIdentity1, + }, + }, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + wantErr: fmt.Sprintf("400: %s: properties.PlatformWorkloadIdentityProfile.PlatformWorkloadIdentities: There's a mismatch between the required and expected set of platform workload identities for the requested OpenShift minor version '%s'. The required platform workload identities are '[Dummy1]'", api.CloudErrorCodePlatformWorkloadIdentityMismatch, "4.14"), + }, + { + name: "Fail - MSI Resource ID is invalid", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: api.UserAssignedIdentities{ + "invalidUUID": {}, + }, + }, + }, + wantErr: "parsing failed for invalidUUID. Invalid resource Id format", + }, + { + name: "Fail - Getting role definition failed", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, errors.New("Generic Error")) + }, + wantErr: "Generic Error", + }, + { + name: "Fail - Invalid Platform identity Resource ID", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: []api.PlatformWorkloadIdentity{ + { + OperatorName: "Dummy2", + ResourceID: "Invalid UUID", + }, + { + OperatorName: "Dummy1", + ResourceID: "Invalid UUID", + }, + }, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + }, + wantErr: "parsing failed for Invalid UUID. Invalid resource Id format", + }, + { + name: "Fail - An action is denied for a platform identity", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Do(func(arg0, arg1 interface{}) { + cancel() + }).Return(&msiNotAllowedActions, nil).AnyTimes() + }, + wantErr: "timed out waiting for the condition", + }, + { + name: "Fail - An action is missing for a platform identity", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, nil) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Do(func(arg0, arg1 interface{}) { + cancel() + }).Return(&msiActionMissing, nil).AnyTimes() + }, + wantErr: "timed out waiting for the condition", + }, + { + name: "Fail - Getting Role Definition for Platform Identity Role returns error", + platformIdentityRoles: validRolesForVersion, + oc: &api.OpenShiftCluster{ + Properties: api.OpenShiftClusterProperties{ + PlatformWorkloadIdentityProfile: &api.PlatformWorkloadIdentityProfile{ + PlatformWorkloadIdentities: platformWorkloadIdentities, + }, + ClusterProfile: api.ClusterProfile{ + Version: openShiftVersion, + }, + }, + Identity: &api.Identity{ + UserAssignedIdentities: clusterMSI, + }, + }, + mocks: func(roleDefinitions *mock_armauthorization.MockRoleDefinitionsClient) { + roleDefinitions.EXPECT().GetByID(ctx, rbac.RoleAzureRedHatOpenShiftFederatedCredentialRole, &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).Return(msiRequiredPermissions, nil) + roleDefinitions.EXPECT().GetByID(ctx, gomock.Any(), &sdkauthorization.RoleDefinitionsClientGetByIDOptions{}).AnyTimes().Return(platformIdentityRequiredPermissions, errors.New("Generic Error")) + }, + checkAccessMocks: func(cancel context.CancelFunc, pdpClient *mock_remotepdp.MockRemotePDPClient, tokenCred *mock_azcore.MockTokenCredential) { + mockTokenCredential(tokenCred) + msiAuthReq := createAuthorizationRequest(dummyObjectId, platformIdentity1, msiRequiredPermissionsList...) + pdpClient.EXPECT().CheckAccess(gomock.Any(), msiAuthReq).Return(&msiAllowedActions, errors.New("Generic Error")).AnyTimes() + }, + wantErr: "Generic Error", + }, + } { + t.Run(tt.name, func(t *testing.T) { + controller := gomock.NewController(t) + defer controller.Finish() + + _env := mock_env.NewMockInterface(controller) + roleDefinitions := mock_armauthorization.NewMockRoleDefinitionsClient(controller) + pdpClient := mock_remotepdp.NewMockRemotePDPClient(controller) + + dv := &dynamic{ + env: _env, + authorizerType: AuthorizerClusterServicePrincipal, + log: logrus.NewEntry(logrus.StandardLogger()), + pdpClient: pdpClient, + } + + tokenCred := mock_azcore.NewMockTokenCredential(controller) + + if tt.checkAccessMocks != nil { + tt.checkAccessMocks(cancel, pdpClient, tokenCred) + } + + if tt.mocks != nil { + tt.mocks(roleDefinitions) + } + + err := dv.ValidatePlatformWorkloadIdentityProfile(ctx, tt.oc, tt.platformIdentityRoles, roleDefinitions) + utilerror.AssertErrorMessage(t, err, tt.wantErr) + + if tt.wantPlatformIdentities != nil && !reflect.DeepEqual(tt.wantPlatformIdentities, dv.platformIdentities) { + t.Fatalf("Expected platform identities are not populated in dv object") + } + if tt.wantPlatformIdentitiesActionsMap != nil && !reflect.DeepEqual(tt.wantPlatformIdentitiesActionsMap, dv.platformIdentitiesActionsMap) { + t.Fatalf("Expected platform identities to permissions mapping is not populated in dv object") + } + }) + } +} diff --git a/pkg/validate/openshiftcluster_validatedynamic.go b/pkg/validate/openshiftcluster_validatedynamic.go index ab8b5517ac2..fa9156110d5 100644 --- a/pkg/validate/openshiftcluster_validatedynamic.go +++ b/pkg/validate/openshiftcluster_validatedynamic.go @@ -12,13 +12,15 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" "github.com/Azure/azure-sdk-for-go/sdk/azidentity" "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/to" "github.com/form3tech-oss/jwt-go" - "github.com/jongio/azidext/go/azidext" "github.com/sirupsen/logrus" "github.com/Azure/ARO-RP/pkg/api" "github.com/Azure/ARO-RP/pkg/env" "github.com/Azure/ARO-RP/pkg/util/azureclient/authz/remotepdp" + "github.com/Azure/ARO-RP/pkg/util/azureclient/azuresdk/armauthorization" + "github.com/Azure/ARO-RP/pkg/util/platformworkloadidentity" "github.com/Azure/ARO-RP/pkg/validate/dynamic" ) @@ -34,14 +36,18 @@ func NewOpenShiftClusterDynamicValidator( oc *api.OpenShiftCluster, subscriptionDoc *api.SubscriptionDocument, fpAuthorizer autorest.Authorizer, + roleDefinitions armauthorization.RoleDefinitionsClient, + platformWorkloadIdentityRolesByVersion platformworkloadidentity.PlatformWorkloadIdentityRolesByVersion, ) OpenShiftClusterDynamicValidator { return &openShiftClusterDynamicValidator{ log: log, env: env, - oc: oc, - subscriptionDoc: subscriptionDoc, - fpAuthorizer: fpAuthorizer, + oc: oc, + subscriptionDoc: subscriptionDoc, + fpAuthorizer: fpAuthorizer, + roleDefinitions: roleDefinitions, + platformWorkloadIdentityRolesByVersion: platformWorkloadIdentityRolesByVersion, } } @@ -49,9 +55,11 @@ type openShiftClusterDynamicValidator struct { log *logrus.Entry env env.Interface - oc *api.OpenShiftCluster - subscriptionDoc *api.SubscriptionDocument - fpAuthorizer autorest.Authorizer + oc *api.OpenShiftCluster + subscriptionDoc *api.SubscriptionDocument + fpAuthorizer autorest.Authorizer + roleDefinitions armauthorization.RoleDefinitionsClient + platformWorkloadIdentityRolesByVersion platformworkloadidentity.PlatformWorkloadIdentityRolesByVersion } // ensureAccessTokenClaims can detect an error when the service principal (fp, cluster sp) has accidentally deleted from @@ -112,51 +120,67 @@ func (dv *openShiftClusterDynamicValidator) Dynamic(ctx context.Context) error { }) } - var pdpClient remotepdp.RemotePDPClient - spp := dv.oc.Properties.ServicePrincipalProfile - tenantID := dv.subscriptionDoc.Subscription.Properties.TenantID - options := dv.env.Environment().ClientSecretCredentialOptions() - spClientCred, err := azidentity.NewClientSecretCredential( - tenantID, spp.ClientID, string(spp.ClientSecret), options) - if err != nil { - return err - } fpClientCred, err := dv.env.FPNewClientCertificateCredential(tenantID) if err != nil { return err } aroEnv := dv.env.Environment() - pdpClient = remotepdp.NewRemotePDPClient( + pdpClient := remotepdp.NewRemotePDPClient( fmt.Sprintf(aroEnv.Endpoint, dv.env.Location()), aroEnv.OAuthScope, fpClientCred, ) scopes := []string{dv.env.Environment().ResourceManagerScope} - err = ensureAccessTokenClaims(ctx, spClientCred, scopes) - if err != nil { - return err - } - spAuthorizer := azidext.NewTokenCredentialAdapter(spClientCred, scopes) - - spDynamic := dynamic.NewValidator( - dv.log, - dv.env, - dv.env.Environment(), - dv.subscriptionDoc.ID, - spAuthorizer, - spp.ClientID, - dynamic.AuthorizerClusterServicePrincipal, - spClientCred, - pdpClient, - ) + var spDynamic dynamic.Dynamic + if !dv.oc.UsesWorkloadIdentity() { + // SP validation + spp := dv.oc.Properties.ServicePrincipalProfile + options := dv.env.Environment().ClientSecretCredentialOptions() + spClientCred, err := azidentity.NewClientSecretCredential( + tenantID, spp.ClientID, string(spp.ClientSecret), options) + if err != nil { + return err + } + err = ensureAccessTokenClaims(ctx, spClientCred, scopes) + if err != nil { + return err + } - // SP validation - err = spDynamic.ValidateServicePrincipal(ctx, spClientCred) - if err != nil { - return err + spDynamic = dynamic.NewValidator( + dv.log, + dv.env, + dv.env.Environment(), + dv.subscriptionDoc.ID, + dv.fpAuthorizer, + &spp.ClientID, + dynamic.AuthorizerClusterServicePrincipal, + spClientCred, + pdpClient, + ) + err = spDynamic.ValidateServicePrincipal(ctx, spClientCred) + if err != nil { + return err + } + } else { + // PlatformWorkloadIdentity and ClusterMSIIdentity Validation + spDynamic = dynamic.NewValidator( + dv.log, + dv.env, + dv.env.Environment(), + dv.subscriptionDoc.ID, + dv.fpAuthorizer, + nil, + dynamic.AuthorizerWorkloadIdentity, + nil, + pdpClient, + ) + err = spDynamic.ValidatePlatformWorkloadIdentityProfile(ctx, dv.oc, dv.platformWorkloadIdentityRolesByVersion.GetPlatformWorkloadIdentityRolesByRoleName(), dv.roleDefinitions) + if err != nil { + return err + } } err = spDynamic.ValidateVnet( @@ -202,7 +226,7 @@ func (dv *openShiftClusterDynamicValidator) Dynamic(ctx context.Context) error { dv.env.Environment(), dv.subscriptionDoc.ID, dv.fpAuthorizer, - dv.env.FPClientID(), + to.StringPtr(dv.env.FPClientID()), dynamic.AuthorizerFirstParty, fpClientCred, pdpClient, diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/CHANGELOG.md new file mode 100644 index 00000000000..ea8eafeeb4e --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/CHANGELOG.md @@ -0,0 +1,326 @@ +# Release History + +## 3.0.0-beta.2 (2023-11-30) +### Features Added + +- Support for test fakes and OpenTelemetry trace spans. + + +## 2.2.0 (2023-11-24) +### Features Added + +- Support for test fakes and OpenTelemetry trace spans. + + +## 3.0.0-beta.1 (2023-07-28) +### Breaking Changes + +- Field `EffectiveRules` of struct `RoleManagementPolicyAssignmentProperties` has been removed + +### Features Added + +- New enum type `AccessRecommendationType` with values `AccessRecommendationTypeApprove`, `AccessRecommendationTypeDeny`, `AccessRecommendationTypeNoInfoAvailable` +- New enum type `AccessReviewActorIdentityType` with values `AccessReviewActorIdentityTypeServicePrincipal`, `AccessReviewActorIdentityTypeUser` +- New enum type `AccessReviewApplyResult` with values `AccessReviewApplyResultAppliedSuccessfully`, `AccessReviewApplyResultAppliedSuccessfullyButObjectNotFound`, `AccessReviewApplyResultAppliedWithUnknownFailure`, `AccessReviewApplyResultApplyNotSupported`, `AccessReviewApplyResultApplying`, `AccessReviewApplyResultNew` +- New enum type `AccessReviewDecisionInsightType` with values `AccessReviewDecisionInsightTypeUserSignInInsight` +- New enum type `AccessReviewDecisionPrincipalResourceMembershipType` with values `AccessReviewDecisionPrincipalResourceMembershipTypeDirect`, `AccessReviewDecisionPrincipalResourceMembershipTypeIndirect` +- New enum type `AccessReviewHistoryDefinitionStatus` with values `AccessReviewHistoryDefinitionStatusDone`, `AccessReviewHistoryDefinitionStatusError`, `AccessReviewHistoryDefinitionStatusInProgress`, `AccessReviewHistoryDefinitionStatusRequested` +- New enum type `AccessReviewInstanceReviewersType` with values `AccessReviewInstanceReviewersTypeAssigned`, `AccessReviewInstanceReviewersTypeManagers`, `AccessReviewInstanceReviewersTypeSelf` +- New enum type `AccessReviewInstanceStatus` with values `AccessReviewInstanceStatusApplied`, `AccessReviewInstanceStatusApplying`, `AccessReviewInstanceStatusAutoReviewed`, `AccessReviewInstanceStatusAutoReviewing`, `AccessReviewInstanceStatusCompleted`, `AccessReviewInstanceStatusCompleting`, `AccessReviewInstanceStatusInProgress`, `AccessReviewInstanceStatusInitializing`, `AccessReviewInstanceStatusNotStarted`, `AccessReviewInstanceStatusScheduled`, `AccessReviewInstanceStatusStarting` +- New enum type `AccessReviewRecurrencePatternType` with values `AccessReviewRecurrencePatternTypeAbsoluteMonthly`, `AccessReviewRecurrencePatternTypeWeekly` +- New enum type `AccessReviewRecurrenceRangeType` with values `AccessReviewRecurrenceRangeTypeEndDate`, `AccessReviewRecurrenceRangeTypeNoEnd`, `AccessReviewRecurrenceRangeTypeNumbered` +- New enum type `AccessReviewResult` with values `AccessReviewResultApprove`, `AccessReviewResultDeny`, `AccessReviewResultDontKnow`, `AccessReviewResultNotNotified`, `AccessReviewResultNotReviewed` +- New enum type `AccessReviewReviewerType` with values `AccessReviewReviewerTypeServicePrincipal`, `AccessReviewReviewerTypeUser` +- New enum type `AccessReviewScheduleDefinitionReviewersType` with values `AccessReviewScheduleDefinitionReviewersTypeAssigned`, `AccessReviewScheduleDefinitionReviewersTypeManagers`, `AccessReviewScheduleDefinitionReviewersTypeSelf` +- New enum type `AccessReviewScheduleDefinitionStatus` with values `AccessReviewScheduleDefinitionStatusApplied`, `AccessReviewScheduleDefinitionStatusApplying`, `AccessReviewScheduleDefinitionStatusAutoReviewed`, `AccessReviewScheduleDefinitionStatusAutoReviewing`, `AccessReviewScheduleDefinitionStatusCompleted`, `AccessReviewScheduleDefinitionStatusCompleting`, `AccessReviewScheduleDefinitionStatusInProgress`, `AccessReviewScheduleDefinitionStatusInitializing`, `AccessReviewScheduleDefinitionStatusNotStarted`, `AccessReviewScheduleDefinitionStatusScheduled`, `AccessReviewScheduleDefinitionStatusStarting` +- New enum type `AccessReviewScopeAssignmentState` with values `AccessReviewScopeAssignmentStateActive`, `AccessReviewScopeAssignmentStateEligible` +- New enum type `AccessReviewScopePrincipalType` with values `AccessReviewScopePrincipalTypeGuestUser`, `AccessReviewScopePrincipalTypeRedeemedGuestUser`, `AccessReviewScopePrincipalTypeServicePrincipal`, `AccessReviewScopePrincipalTypeUser`, `AccessReviewScopePrincipalTypeUserGroup` +- New enum type `DecisionResourceType` with values `DecisionResourceTypeAzureRole` +- New enum type `DecisionTargetType` with values `DecisionTargetTypeServicePrincipal`, `DecisionTargetTypeUser` +- New enum type `DefaultDecisionType` with values `DefaultDecisionTypeApprove`, `DefaultDecisionTypeDeny`, `DefaultDecisionTypeRecommendation` +- New enum type `RecordAllDecisionsResult` with values `RecordAllDecisionsResultApprove`, `RecordAllDecisionsResultDeny` +- New enum type `SeverityLevel` with values `SeverityLevelHigh`, `SeverityLevelLow`, `SeverityLevelMedium` +- New function `*AccessReviewDecisionIdentity.GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity` +- New function `*AccessReviewDecisionInsightProperties.GetAccessReviewDecisionInsightProperties() *AccessReviewDecisionInsightProperties` +- New function `*AccessReviewDecisionServicePrincipalIdentity.GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity` +- New function `*AccessReviewDecisionUserIdentity.GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity` +- New function `*AccessReviewDecisionUserSignInInsightProperties.GetAccessReviewDecisionInsightProperties() *AccessReviewDecisionInsightProperties` +- New function `NewAccessReviewDefaultSettingsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewDefaultSettingsClient, error)` +- New function `*AccessReviewDefaultSettingsClient.Get(context.Context, *AccessReviewDefaultSettingsClientGetOptions) (AccessReviewDefaultSettingsClientGetResponse, error)` +- New function `*AccessReviewDefaultSettingsClient.Put(context.Context, AccessReviewScheduleSettings, *AccessReviewDefaultSettingsClientPutOptions) (AccessReviewDefaultSettingsClientPutResponse, error)` +- New function `NewAccessReviewHistoryDefinitionClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewHistoryDefinitionClient, error)` +- New function `*AccessReviewHistoryDefinitionClient.Create(context.Context, string, AccessReviewHistoryDefinitionProperties, *AccessReviewHistoryDefinitionClientCreateOptions) (AccessReviewHistoryDefinitionClientCreateResponse, error)` +- New function `*AccessReviewHistoryDefinitionClient.DeleteByID(context.Context, string, *AccessReviewHistoryDefinitionClientDeleteByIDOptions) (AccessReviewHistoryDefinitionClientDeleteByIDResponse, error)` +- New function `NewAccessReviewHistoryDefinitionInstanceClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewHistoryDefinitionInstanceClient, error)` +- New function `*AccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI(context.Context, string, string, *AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error)` +- New function `NewAccessReviewHistoryDefinitionInstancesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewHistoryDefinitionInstancesClient, error)` +- New function `*AccessReviewHistoryDefinitionInstancesClient.NewListPager(string, *AccessReviewHistoryDefinitionInstancesClientListOptions) *runtime.Pager[AccessReviewHistoryDefinitionInstancesClientListResponse]` +- New function `NewAccessReviewHistoryDefinitionsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewHistoryDefinitionsClient, error)` +- New function `*AccessReviewHistoryDefinitionsClient.GetByID(context.Context, string, *AccessReviewHistoryDefinitionsClientGetByIDOptions) (AccessReviewHistoryDefinitionsClientGetByIDResponse, error)` +- New function `*AccessReviewHistoryDefinitionsClient.NewListPager(*AccessReviewHistoryDefinitionsClientListOptions) *runtime.Pager[AccessReviewHistoryDefinitionsClientListResponse]` +- New function `NewAccessReviewInstanceClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstanceClient, error)` +- New function `*AccessReviewInstanceClient.AcceptRecommendations(context.Context, string, string, *AccessReviewInstanceClientAcceptRecommendationsOptions) (AccessReviewInstanceClientAcceptRecommendationsResponse, error)` +- New function `*AccessReviewInstanceClient.ApplyDecisions(context.Context, string, string, *AccessReviewInstanceClientApplyDecisionsOptions) (AccessReviewInstanceClientApplyDecisionsResponse, error)` +- New function `*AccessReviewInstanceClient.ResetDecisions(context.Context, string, string, *AccessReviewInstanceClientResetDecisionsOptions) (AccessReviewInstanceClientResetDecisionsResponse, error)` +- New function `*AccessReviewInstanceClient.SendReminders(context.Context, string, string, *AccessReviewInstanceClientSendRemindersOptions) (AccessReviewInstanceClientSendRemindersResponse, error)` +- New function `*AccessReviewInstanceClient.Stop(context.Context, string, string, *AccessReviewInstanceClientStopOptions) (AccessReviewInstanceClientStopResponse, error)` +- New function `NewAccessReviewInstanceContactedReviewersClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstanceContactedReviewersClient, error)` +- New function `*AccessReviewInstanceContactedReviewersClient.NewListPager(string, string, *AccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[AccessReviewInstanceContactedReviewersClientListResponse]` +- New function `NewAccessReviewInstanceDecisionsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstanceDecisionsClient, error)` +- New function `*AccessReviewInstanceDecisionsClient.NewListPager(string, string, *AccessReviewInstanceDecisionsClientListOptions) *runtime.Pager[AccessReviewInstanceDecisionsClientListResponse]` +- New function `NewAccessReviewInstanceMyDecisionsClient(azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstanceMyDecisionsClient, error)` +- New function `*AccessReviewInstanceMyDecisionsClient.GetByID(context.Context, string, string, string, *AccessReviewInstanceMyDecisionsClientGetByIDOptions) (AccessReviewInstanceMyDecisionsClientGetByIDResponse, error)` +- New function `*AccessReviewInstanceMyDecisionsClient.NewListPager(string, string, *AccessReviewInstanceMyDecisionsClientListOptions) *runtime.Pager[AccessReviewInstanceMyDecisionsClientListResponse]` +- New function `*AccessReviewInstanceMyDecisionsClient.Patch(context.Context, string, string, string, AccessReviewDecisionProperties, *AccessReviewInstanceMyDecisionsClientPatchOptions) (AccessReviewInstanceMyDecisionsClientPatchResponse, error)` +- New function `NewAccessReviewInstancesAssignedForMyApprovalClient(azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstancesAssignedForMyApprovalClient, error)` +- New function `*AccessReviewInstancesAssignedForMyApprovalClient.GetByID(context.Context, string, string, *AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions) (AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse, error)` +- New function `*AccessReviewInstancesAssignedForMyApprovalClient.NewListPager(string, *AccessReviewInstancesAssignedForMyApprovalClientListOptions) *runtime.Pager[AccessReviewInstancesAssignedForMyApprovalClientListResponse]` +- New function `NewAccessReviewInstancesClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewInstancesClient, error)` +- New function `*AccessReviewInstancesClient.Create(context.Context, string, string, AccessReviewInstanceProperties, *AccessReviewInstancesClientCreateOptions) (AccessReviewInstancesClientCreateResponse, error)` +- New function `*AccessReviewInstancesClient.GetByID(context.Context, string, string, *AccessReviewInstancesClientGetByIDOptions) (AccessReviewInstancesClientGetByIDResponse, error)` +- New function `*AccessReviewInstancesClient.NewListPager(string, *AccessReviewInstancesClientListOptions) *runtime.Pager[AccessReviewInstancesClientListResponse]` +- New function `NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient(azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewScheduleDefinitionsAssignedForMyApprovalClient, error)` +- New function `*AccessReviewScheduleDefinitionsAssignedForMyApprovalClient.NewListPager(*AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions) *runtime.Pager[AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse]` +- New function `NewAccessReviewScheduleDefinitionsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*AccessReviewScheduleDefinitionsClient, error)` +- New function `*AccessReviewScheduleDefinitionsClient.CreateOrUpdateByID(context.Context, string, AccessReviewScheduleDefinitionProperties, *AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error)` +- New function `*AccessReviewScheduleDefinitionsClient.DeleteByID(context.Context, string, *AccessReviewScheduleDefinitionsClientDeleteByIDOptions) (AccessReviewScheduleDefinitionsClientDeleteByIDResponse, error)` +- New function `*AccessReviewScheduleDefinitionsClient.GetByID(context.Context, string, *AccessReviewScheduleDefinitionsClientGetByIDOptions) (AccessReviewScheduleDefinitionsClientGetByIDResponse, error)` +- New function `*AccessReviewScheduleDefinitionsClient.NewListPager(*AccessReviewScheduleDefinitionsClientListOptions) *runtime.Pager[AccessReviewScheduleDefinitionsClientListResponse]` +- New function `*AccessReviewScheduleDefinitionsClient.Stop(context.Context, string, *AccessReviewScheduleDefinitionsClientStopOptions) (AccessReviewScheduleDefinitionsClientStopResponse, error)` +- New function `*AlertConfigurationProperties.GetAlertConfigurationProperties() *AlertConfigurationProperties` +- New function `NewAlertConfigurationsClient(azcore.TokenCredential, *arm.ClientOptions) (*AlertConfigurationsClient, error)` +- New function `*AlertConfigurationsClient.Get(context.Context, string, string, *AlertConfigurationsClientGetOptions) (AlertConfigurationsClientGetResponse, error)` +- New function `*AlertConfigurationsClient.NewListForScopePager(string, *AlertConfigurationsClientListForScopeOptions) *runtime.Pager[AlertConfigurationsClientListForScopeResponse]` +- New function `*AlertConfigurationsClient.Update(context.Context, string, string, AlertConfiguration, *AlertConfigurationsClientUpdateOptions) (AlertConfigurationsClientUpdateResponse, error)` +- New function `NewAlertDefinitionsClient(azcore.TokenCredential, *arm.ClientOptions) (*AlertDefinitionsClient, error)` +- New function `*AlertDefinitionsClient.Get(context.Context, string, string, *AlertDefinitionsClientGetOptions) (AlertDefinitionsClientGetResponse, error)` +- New function `*AlertDefinitionsClient.NewListForScopePager(string, *AlertDefinitionsClientListForScopeOptions) *runtime.Pager[AlertDefinitionsClientListForScopeResponse]` +- New function `*AlertIncidentProperties.GetAlertIncidentProperties() *AlertIncidentProperties` +- New function `NewAlertIncidentsClient(azcore.TokenCredential, *arm.ClientOptions) (*AlertIncidentsClient, error)` +- New function `*AlertIncidentsClient.Get(context.Context, string, string, string, *AlertIncidentsClientGetOptions) (AlertIncidentsClientGetResponse, error)` +- New function `*AlertIncidentsClient.NewListForScopePager(string, string, *AlertIncidentsClientListForScopeOptions) *runtime.Pager[AlertIncidentsClientListForScopeResponse]` +- New function `*AlertIncidentsClient.Remediate(context.Context, string, string, string, *AlertIncidentsClientRemediateOptions) (AlertIncidentsClientRemediateResponse, error)` +- New function `NewAlertOperationClient(azcore.TokenCredential, *arm.ClientOptions) (*AlertOperationClient, error)` +- New function `*AlertOperationClient.Get(context.Context, string, string, *AlertOperationClientGetOptions) (AlertOperationClientGetResponse, error)` +- New function `NewAlertsClient(azcore.TokenCredential, *arm.ClientOptions) (*AlertsClient, error)` +- New function `*AlertsClient.Get(context.Context, string, string, *AlertsClientGetOptions) (AlertsClientGetResponse, error)` +- New function `*AlertsClient.NewListForScopePager(string, *AlertsClientListForScopeOptions) *runtime.Pager[AlertsClientListForScopeResponse]` +- New function `*AlertsClient.BeginRefresh(context.Context, string, string, *AlertsClientBeginRefreshOptions) (*runtime.Poller[AlertsClientRefreshResponse], error)` +- New function `*AlertsClient.BeginRefreshAll(context.Context, string, *AlertsClientBeginRefreshAllOptions) (*runtime.Poller[AlertsClientRefreshAllResponse], error)` +- New function `*AlertsClient.Update(context.Context, string, string, Alert, *AlertsClientUpdateOptions) (AlertsClientUpdateResponse, error)` +- New function `*AzureRolesAssignedOutsidePimAlertConfigurationProperties.GetAlertConfigurationProperties() *AlertConfigurationProperties` +- New function `*AzureRolesAssignedOutsidePimAlertIncidentProperties.GetAlertIncidentProperties() *AlertIncidentProperties` +- New function `*ClientFactory.NewAccessReviewDefaultSettingsClient() *AccessReviewDefaultSettingsClient` +- New function `*ClientFactory.NewAccessReviewHistoryDefinitionClient() *AccessReviewHistoryDefinitionClient` +- New function `*ClientFactory.NewAccessReviewHistoryDefinitionInstanceClient() *AccessReviewHistoryDefinitionInstanceClient` +- New function `*ClientFactory.NewAccessReviewHistoryDefinitionInstancesClient() *AccessReviewHistoryDefinitionInstancesClient` +- New function `*ClientFactory.NewAccessReviewHistoryDefinitionsClient() *AccessReviewHistoryDefinitionsClient` +- New function `*ClientFactory.NewAccessReviewInstanceClient() *AccessReviewInstanceClient` +- New function `*ClientFactory.NewAccessReviewInstanceContactedReviewersClient() *AccessReviewInstanceContactedReviewersClient` +- New function `*ClientFactory.NewAccessReviewInstanceDecisionsClient() *AccessReviewInstanceDecisionsClient` +- New function `*ClientFactory.NewAccessReviewInstanceMyDecisionsClient() *AccessReviewInstanceMyDecisionsClient` +- New function `*ClientFactory.NewAccessReviewInstancesAssignedForMyApprovalClient() *AccessReviewInstancesAssignedForMyApprovalClient` +- New function `*ClientFactory.NewAccessReviewInstancesClient() *AccessReviewInstancesClient` +- New function `*ClientFactory.NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient() *AccessReviewScheduleDefinitionsAssignedForMyApprovalClient` +- New function `*ClientFactory.NewAccessReviewScheduleDefinitionsClient() *AccessReviewScheduleDefinitionsClient` +- New function `*ClientFactory.NewAlertConfigurationsClient() *AlertConfigurationsClient` +- New function `*ClientFactory.NewAlertDefinitionsClient() *AlertDefinitionsClient` +- New function `*ClientFactory.NewAlertIncidentsClient() *AlertIncidentsClient` +- New function `*ClientFactory.NewAlertOperationClient() *AlertOperationClient` +- New function `*ClientFactory.NewAlertsClient() *AlertsClient` +- New function `*ClientFactory.NewOperationsClient() *OperationsClient` +- New function `*ClientFactory.NewScopeAccessReviewDefaultSettingsClient() *ScopeAccessReviewDefaultSettingsClient` +- New function `*ClientFactory.NewScopeAccessReviewHistoryDefinitionClient() *ScopeAccessReviewHistoryDefinitionClient` +- New function `*ClientFactory.NewScopeAccessReviewHistoryDefinitionInstanceClient() *ScopeAccessReviewHistoryDefinitionInstanceClient` +- New function `*ClientFactory.NewScopeAccessReviewHistoryDefinitionInstancesClient() *ScopeAccessReviewHistoryDefinitionInstancesClient` +- New function `*ClientFactory.NewScopeAccessReviewHistoryDefinitionsClient() *ScopeAccessReviewHistoryDefinitionsClient` +- New function `*ClientFactory.NewScopeAccessReviewInstanceClient() *ScopeAccessReviewInstanceClient` +- New function `*ClientFactory.NewScopeAccessReviewInstanceContactedReviewersClient() *ScopeAccessReviewInstanceContactedReviewersClient` +- New function `*ClientFactory.NewScopeAccessReviewInstanceDecisionsClient() *ScopeAccessReviewInstanceDecisionsClient` +- New function `*ClientFactory.NewScopeAccessReviewInstancesClient() *ScopeAccessReviewInstancesClient` +- New function `*ClientFactory.NewScopeAccessReviewScheduleDefinitionsClient() *ScopeAccessReviewScheduleDefinitionsClient` +- New function `*ClientFactory.NewTenantLevelAccessReviewInstanceContactedReviewersClient() *TenantLevelAccessReviewInstanceContactedReviewersClient` +- New function `*DuplicateRoleCreatedAlertConfigurationProperties.GetAlertConfigurationProperties() *AlertConfigurationProperties` +- New function `*DuplicateRoleCreatedAlertIncidentProperties.GetAlertIncidentProperties() *AlertIncidentProperties` +- New function `NewOperationsClient(azcore.TokenCredential, *arm.ClientOptions) (*OperationsClient, error)` +- New function `*OperationsClient.NewListPager(*OperationsClientListOptions) *runtime.Pager[OperationsClientListResponse]` +- New function `NewScopeAccessReviewDefaultSettingsClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewDefaultSettingsClient, error)` +- New function `*ScopeAccessReviewDefaultSettingsClient.Get(context.Context, string, *ScopeAccessReviewDefaultSettingsClientGetOptions) (ScopeAccessReviewDefaultSettingsClientGetResponse, error)` +- New function `*ScopeAccessReviewDefaultSettingsClient.Put(context.Context, string, AccessReviewScheduleSettings, *ScopeAccessReviewDefaultSettingsClientPutOptions) (ScopeAccessReviewDefaultSettingsClientPutResponse, error)` +- New function `NewScopeAccessReviewHistoryDefinitionClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionClient, error)` +- New function `*ScopeAccessReviewHistoryDefinitionClient.Create(context.Context, string, string, AccessReviewHistoryDefinitionProperties, *ScopeAccessReviewHistoryDefinitionClientCreateOptions) (ScopeAccessReviewHistoryDefinitionClientCreateResponse, error)` +- New function `*ScopeAccessReviewHistoryDefinitionClient.DeleteByID(context.Context, string, string, *ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions) (ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse, error)` +- New function `NewScopeAccessReviewHistoryDefinitionInstanceClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionInstanceClient, error)` +- New function `*ScopeAccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI(context.Context, string, string, string, *ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error)` +- New function `NewScopeAccessReviewHistoryDefinitionInstancesClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionInstancesClient, error)` +- New function `*ScopeAccessReviewHistoryDefinitionInstancesClient.NewListPager(string, string, *ScopeAccessReviewHistoryDefinitionInstancesClientListOptions) *runtime.Pager[ScopeAccessReviewHistoryDefinitionInstancesClientListResponse]` +- New function `NewScopeAccessReviewHistoryDefinitionsClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionsClient, error)` +- New function `*ScopeAccessReviewHistoryDefinitionsClient.GetByID(context.Context, string, string, *ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions) (ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse, error)` +- New function `*ScopeAccessReviewHistoryDefinitionsClient.NewListPager(string, *ScopeAccessReviewHistoryDefinitionsClientListOptions) *runtime.Pager[ScopeAccessReviewHistoryDefinitionsClientListResponse]` +- New function `NewScopeAccessReviewInstanceClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewInstanceClient, error)` +- New function `*ScopeAccessReviewInstanceClient.ApplyDecisions(context.Context, string, string, string, *ScopeAccessReviewInstanceClientApplyDecisionsOptions) (ScopeAccessReviewInstanceClientApplyDecisionsResponse, error)` +- New function `*ScopeAccessReviewInstanceClient.RecordAllDecisions(context.Context, string, string, string, RecordAllDecisionsProperties, *ScopeAccessReviewInstanceClientRecordAllDecisionsOptions) (ScopeAccessReviewInstanceClientRecordAllDecisionsResponse, error)` +- New function `*ScopeAccessReviewInstanceClient.ResetDecisions(context.Context, string, string, string, *ScopeAccessReviewInstanceClientResetDecisionsOptions) (ScopeAccessReviewInstanceClientResetDecisionsResponse, error)` +- New function `*ScopeAccessReviewInstanceClient.SendReminders(context.Context, string, string, string, *ScopeAccessReviewInstanceClientSendRemindersOptions) (ScopeAccessReviewInstanceClientSendRemindersResponse, error)` +- New function `*ScopeAccessReviewInstanceClient.Stop(context.Context, string, string, string, *ScopeAccessReviewInstanceClientStopOptions) (ScopeAccessReviewInstanceClientStopResponse, error)` +- New function `NewScopeAccessReviewInstanceContactedReviewersClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewInstanceContactedReviewersClient, error)` +- New function `*ScopeAccessReviewInstanceContactedReviewersClient.NewListPager(string, string, string, *ScopeAccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[ScopeAccessReviewInstanceContactedReviewersClientListResponse]` +- New function `NewScopeAccessReviewInstanceDecisionsClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewInstanceDecisionsClient, error)` +- New function `*ScopeAccessReviewInstanceDecisionsClient.NewListPager(string, string, string, *ScopeAccessReviewInstanceDecisionsClientListOptions) *runtime.Pager[ScopeAccessReviewInstanceDecisionsClientListResponse]` +- New function `NewScopeAccessReviewInstancesClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewInstancesClient, error)` +- New function `*ScopeAccessReviewInstancesClient.Create(context.Context, string, string, string, AccessReviewInstanceProperties, *ScopeAccessReviewInstancesClientCreateOptions) (ScopeAccessReviewInstancesClientCreateResponse, error)` +- New function `*ScopeAccessReviewInstancesClient.GetByID(context.Context, string, string, string, *ScopeAccessReviewInstancesClientGetByIDOptions) (ScopeAccessReviewInstancesClientGetByIDResponse, error)` +- New function `*ScopeAccessReviewInstancesClient.NewListPager(string, string, *ScopeAccessReviewInstancesClientListOptions) *runtime.Pager[ScopeAccessReviewInstancesClientListResponse]` +- New function `NewScopeAccessReviewScheduleDefinitionsClient(azcore.TokenCredential, *arm.ClientOptions) (*ScopeAccessReviewScheduleDefinitionsClient, error)` +- New function `*ScopeAccessReviewScheduleDefinitionsClient.CreateOrUpdateByID(context.Context, string, string, AccessReviewScheduleDefinitionProperties, *ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error)` +- New function `*ScopeAccessReviewScheduleDefinitionsClient.DeleteByID(context.Context, string, string, *ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse, error)` +- New function `*ScopeAccessReviewScheduleDefinitionsClient.GetByID(context.Context, string, string, *ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse, error)` +- New function `*ScopeAccessReviewScheduleDefinitionsClient.NewListPager(string, *ScopeAccessReviewScheduleDefinitionsClientListOptions) *runtime.Pager[ScopeAccessReviewScheduleDefinitionsClientListResponse]` +- New function `*ScopeAccessReviewScheduleDefinitionsClient.Stop(context.Context, string, string, *ScopeAccessReviewScheduleDefinitionsClientStopOptions) (ScopeAccessReviewScheduleDefinitionsClientStopResponse, error)` +- New function `NewTenantLevelAccessReviewInstanceContactedReviewersClient(azcore.TokenCredential, *arm.ClientOptions) (*TenantLevelAccessReviewInstanceContactedReviewersClient, error)` +- New function `*TenantLevelAccessReviewInstanceContactedReviewersClient.NewListPager(string, string, *TenantLevelAccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[TenantLevelAccessReviewInstanceContactedReviewersClientListResponse]` +- New function `*TooManyOwnersAssignedToResourceAlertConfigurationProperties.GetAlertConfigurationProperties() *AlertConfigurationProperties` +- New function `*TooManyOwnersAssignedToResourceAlertIncidentProperties.GetAlertIncidentProperties() *AlertIncidentProperties` +- New function `*TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties.GetAlertConfigurationProperties() *AlertConfigurationProperties` +- New function `*TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties.GetAlertIncidentProperties() *AlertIncidentProperties` +- New struct `AccessReviewActorIdentity` +- New struct `AccessReviewContactedReviewer` +- New struct `AccessReviewContactedReviewerListResult` +- New struct `AccessReviewContactedReviewerProperties` +- New struct `AccessReviewDecision` +- New struct `AccessReviewDecisionInsight` +- New struct `AccessReviewDecisionListResult` +- New struct `AccessReviewDecisionPrincipalResourceMembership` +- New struct `AccessReviewDecisionProperties` +- New struct `AccessReviewDecisionResource` +- New struct `AccessReviewDecisionServicePrincipalIdentity` +- New struct `AccessReviewDecisionUserIdentity` +- New struct `AccessReviewDecisionUserSignInInsightProperties` +- New struct `AccessReviewDefaultSettings` +- New struct `AccessReviewHistoryDefinition` +- New struct `AccessReviewHistoryDefinitionInstanceListResult` +- New struct `AccessReviewHistoryDefinitionListResult` +- New struct `AccessReviewHistoryDefinitionProperties` +- New struct `AccessReviewHistoryInstance` +- New struct `AccessReviewHistoryInstanceProperties` +- New struct `AccessReviewHistoryScheduleSettings` +- New struct `AccessReviewInstance` +- New struct `AccessReviewInstanceListResult` +- New struct `AccessReviewInstanceProperties` +- New struct `AccessReviewRecurrencePattern` +- New struct `AccessReviewRecurrenceRange` +- New struct `AccessReviewRecurrenceSettings` +- New struct `AccessReviewReviewer` +- New struct `AccessReviewScheduleDefinition` +- New struct `AccessReviewScheduleDefinitionListResult` +- New struct `AccessReviewScheduleDefinitionProperties` +- New struct `AccessReviewScheduleSettings` +- New struct `AccessReviewScope` +- New struct `Alert` +- New struct `AlertConfiguration` +- New struct `AlertConfigurationListResult` +- New struct `AlertDefinition` +- New struct `AlertDefinitionListResult` +- New struct `AlertDefinitionProperties` +- New struct `AlertIncident` +- New struct `AlertIncidentListResult` +- New struct `AlertListResult` +- New struct `AlertOperationResult` +- New struct `AlertProperties` +- New struct `AzureRolesAssignedOutsidePimAlertConfigurationProperties` +- New struct `AzureRolesAssignedOutsidePimAlertIncidentProperties` +- New struct `DuplicateRoleCreatedAlertConfigurationProperties` +- New struct `DuplicateRoleCreatedAlertIncidentProperties` +- New struct `ErrorDefinition` +- New struct `ErrorDefinitionProperties` +- New struct `Operation` +- New struct `OperationDisplay` +- New struct `OperationListResult` +- New struct `RecordAllDecisionsProperties` +- New struct `TooManyOwnersAssignedToResourceAlertConfigurationProperties` +- New struct `TooManyOwnersAssignedToResourceAlertIncidentProperties` +- New struct `TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties` +- New struct `TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties` +- New field `Condition`, `ConditionVersion`, `CreatedBy`, `CreatedOn`, `UpdatedBy`, `UpdatedOn` in struct `DenyAssignmentProperties` +- New field `Condition`, `ConditionVersion` in struct `Permission` +- New field `CreatedBy`, `CreatedOn`, `UpdatedBy`, `UpdatedOn` in struct `RoleDefinitionProperties` + + +## 2.1.1 (2023-04-14) +### Bug Fixes + +- Fix serialization bug of empty value of `any` type. + +## 2.1.0 (2023-03-27) +### Features Added + +- New struct `ClientFactory` which is a client factory used to create any client in this module + + +## 2.0.0 (2022-09-26) +### Breaking Changes + +- Function `*RoleAssignmentsClient.NewListForResourcePager` parameter(s) have been changed from `(string, string, string, string, string, *RoleAssignmentsClientListForResourceOptions)` to `(string, string, string, string, *RoleAssignmentsClientListForResourceOptions)` +- Type of `RoleAssignment.Properties` has been changed from `*RoleAssignmentPropertiesWithScope` to `*RoleAssignmentProperties` +- Function `*RoleAssignmentsClient.NewListPager` has been renamed to `*RoleAssignmentsClient.NewListForSubscriptionPager` + +### Features Added + +- New function `*DenyAssignmentsClient.Get(context.Context, string, string, *DenyAssignmentsClientGetOptions) (DenyAssignmentsClientGetResponse, error)` +- New function `*DenyAssignmentsClient.NewListForScopePager(string, *DenyAssignmentsClientListForScopeOptions) *runtime.Pager[DenyAssignmentsClientListForScopeResponse]` +- New function `*DenyAssignmentsClient.NewListForResourcePager(string, string, string, string, string, *DenyAssignmentsClientListForResourceOptions) *runtime.Pager[DenyAssignmentsClientListForResourceResponse]` +- New function `*DenyAssignmentsClient.NewListForResourceGroupPager(string, *DenyAssignmentsClientListForResourceGroupOptions) *runtime.Pager[DenyAssignmentsClientListForResourceGroupResponse]` +- New function `*DenyAssignmentsClient.GetByID(context.Context, string, *DenyAssignmentsClientGetByIDOptions) (DenyAssignmentsClientGetByIDResponse, error)` +- New function `*DenyAssignmentsClient.NewListPager(*DenyAssignmentsClientListOptions) *runtime.Pager[DenyAssignmentsClientListResponse]` +- New function `NewDenyAssignmentsClient(string, azcore.TokenCredential, *arm.ClientOptions) (*DenyAssignmentsClient, error)` +- New struct `DenyAssignment` +- New struct `DenyAssignmentFilter` +- New struct `DenyAssignmentListResult` +- New struct `DenyAssignmentPermission` +- New struct `DenyAssignmentProperties` +- New struct `DenyAssignmentsClient` +- New struct `DenyAssignmentsClientGetByIDOptions` +- New struct `DenyAssignmentsClientGetByIDResponse` +- New struct `DenyAssignmentsClientGetOptions` +- New struct `DenyAssignmentsClientGetResponse` +- New struct `DenyAssignmentsClientListForResourceGroupOptions` +- New struct `DenyAssignmentsClientListForResourceGroupResponse` +- New struct `DenyAssignmentsClientListForResourceOptions` +- New struct `DenyAssignmentsClientListForResourceResponse` +- New struct `DenyAssignmentsClientListForScopeOptions` +- New struct `DenyAssignmentsClientListForScopeResponse` +- New struct `DenyAssignmentsClientListOptions` +- New struct `DenyAssignmentsClientListResponse` +- New struct `ValidationResponse` +- New struct `ValidationResponseErrorInfo` +- New field `TenantID` in struct `RoleAssignmentsClientGetByIDOptions` +- New field `DataActions` in struct `Permission` +- New field `NotDataActions` in struct `Permission` +- New field `TenantID` in struct `RoleAssignmentsClientListForResourceOptions` +- New field `UpdatedBy` in struct `RoleAssignmentProperties` +- New field `Condition` in struct `RoleAssignmentProperties` +- New field `CreatedOn` in struct `RoleAssignmentProperties` +- New field `UpdatedOn` in struct `RoleAssignmentProperties` +- New field `CreatedBy` in struct `RoleAssignmentProperties` +- New field `ConditionVersion` in struct `RoleAssignmentProperties` +- New field `DelegatedManagedIdentityResourceID` in struct `RoleAssignmentProperties` +- New field `Description` in struct `RoleAssignmentProperties` +- New field `PrincipalType` in struct `RoleAssignmentProperties` +- New field `Scope` in struct `RoleAssignmentProperties` +- New field `TenantID` in struct `RoleAssignmentsClientDeleteByIDOptions` +- New field `IsDataAction` in struct `ProviderOperation` +- New field `TenantID` in struct `RoleAssignmentsClientDeleteOptions` +- New field `Type` in struct `RoleDefinitionFilter` +- New field `TenantID` in struct `RoleAssignmentsClientListForResourceGroupOptions` +- New field `TenantID` in struct `RoleAssignmentsClientGetOptions` +- New field `SkipToken` in struct `RoleAssignmentsClientListForScopeOptions` +- New field `TenantID` in struct `RoleAssignmentsClientListForScopeOptions` + + +## 1.0.0 (2022-06-02) + +The package of `github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization` is using our [next generation design principles](https://azure.github.io/azure-sdk/general_introduction.html) since version 1.0.0, which contains breaking changes. + +To migrate the existing applications to the latest version, please refer to [Migration Guide](https://aka.ms/azsdk/go/mgmt/migration). + +To learn more, please refer to our documentation [Quick Start](https://aka.ms/azsdk/go/mgmt). diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/LICENSE.txt b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/LICENSE.txt new file mode 100644 index 00000000000..dc0c2ffb3dc --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/LICENSE.txt @@ -0,0 +1,21 @@ +MIT License + +Copyright (c) Microsoft Corporation. All rights reserved. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/README.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/README.md new file mode 100644 index 00000000000..84ccf4ab1f4 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/README.md @@ -0,0 +1,170 @@ +# Azure Authorization Module for Go + +[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization) + +The `armauthorization` module provides operations for working with Azure Authorization. + +[Source code](https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/resourcemanager/authorization/armauthorization) + +# Getting started + +## Prerequisites + +- an [Azure subscription](https://azure.microsoft.com/free/) +- Go 1.18 or above (You could download and install the latest version of Go from [here](https://go.dev/doc/install). It will replace the existing Go on your machine. If you want to install multiple Go versions on the same machine, you could refer this [doc](https://go.dev/doc/manage-install).) + +## Install the package + +This project uses [Go modules](https://github.com/golang/go/wiki/Modules) for versioning and dependency management. + +Install the Azure Authorization module: + +```sh +go get github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization +``` + +## Authorization + +When creating a client, you will need to provide a credential for authenticating with Azure Authorization. The `azidentity` module provides facilities for various ways of authenticating with Azure including client/secret, certificate, managed identity, and more. + +```go +cred, err := azidentity.NewDefaultAzureCredential(nil) +``` + +For more information on authentication, please see the documentation for `azidentity` at [pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity). + +## Client Factory + +Azure Authorization module consists of one or more clients. We provide a client factory which could be used to create any client in this module. + +```go +clientFactory, err := armauthorization.NewClientFactory(, cred, nil) +``` + +You can use `ClientOptions` in package `github.com/Azure/azure-sdk-for-go/sdk/azcore/arm` to set endpoint to connect with public and sovereign clouds as well as Azure Stack. For more information, please see the documentation for `azcore` at [pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore). + +```go +options := arm.ClientOptions { + ClientOptions: azcore.ClientOptions { + Cloud: cloud.AzureChina, + }, +} +clientFactory, err := armauthorization.NewClientFactory(, cred, &options) +``` + +## Client Factory + +Azure XXX module consists of one or more clients. We provide a client factory which could be used to create any client in this module. + +```go +clientFactory, err := armX.NewClientFactory(, cred, nil) +``` + +You can use `ClientOptions` in package `github.com/Azure/azure-sdk-for-go/sdk/azcore/arm` to set endpoint to connect with public and sovereign clouds as well as Azure Stack. For more information, please see the documentation for `azcore` at [pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore). + +```go +options := arm.ClientOptions { + ClientOptions: azcore.ClientOptions { + Cloud: cloud.AzureChina, + }, +} +clientFactory, err := armX.NewClientFactory(, cred, &options) +``` + +## Clients + +A client groups a set of related APIs, providing access to its functionality. Create one or more clients to access the APIs you require using client factory. + +```go +client := clientFactory.NewXClient() + +[![PkgGoDev](https://pkg.go.dev/badge/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization)](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization) + +The `armauthorization` module provides operations for working with Azure Authorization. + +[Source code](https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/resourcemanager/authorization/armauthorization) + +# Getting started + +## Prerequisites + +- an [Azure subscription](https://azure.microsoft.com/free/) +- Go 1.18 or above (You could download and install the latest version of Go from [here](https://go.dev/doc/install). It will replace the existing Go on your machine. If you want to install multiple Go versions on the same machine, you could refer this [doc](https://go.dev/doc/manage-install).) + +## Install the package + +This project uses [Go modules](https://github.com/golang/go/wiki/Modules) for versioning and dependency management. + +Install the Azure Authorization module: + +```sh +go get github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization +``` + +## Fakes + +The fake package contains types used for constructing in-memory fake servers used in unit tests. +This allows writing tests to cover various success/error conditions without the need for connecting to a live service. + +Please see https://github.com/Azure/azure-sdk-for-go/tree/main/sdk/samples/fakes for details and examples on how to use fakes. + +## Authorization + +When creating a client, you will need to provide a credential for authenticating with Azure Authorization. The `azidentity` module provides facilities for various ways of authenticating with Azure including client/secret, certificate, managed identity, and more. + +```go +cred, err := azidentity.NewDefaultAzureCredential(nil) +``` + +For more information on authentication, please see the documentation for `azidentity` at [pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azidentity). + +## Client Factory + +Azure Authorization module consists of one or more clients. We provide a client factory which could be used to create any client in this module. + +```go +clientFactory, err := armauthorization.NewClientFactory(, cred, nil) +``` + +You can use `ClientOptions` in package `github.com/Azure/azure-sdk-for-go/sdk/azcore/arm` to set endpoint to connect with public and sovereign clouds as well as Azure Stack. For more information, please see the documentation for `azcore` at [pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/azcore). + +```go +options := arm.ClientOptions { + ClientOptions: azcore.ClientOptions { + Cloud: cloud.AzureChina, + }, +} +clientFactory, err := armauthorization.NewClientFactory(, cred, &options) +``` + +## Clients + +A client groups a set of related APIs, providing access to its functionality. Create one or more clients to access the APIs you require using client factory. + +```go +client := clientFactory.NewPermissionsClient() +``` + +## Provide Feedback + +If you encounter bugs or have suggestions, please +[open an issue](https://github.com/Azure/azure-sdk-for-go/issues) and assign the `Authorization` label. + +# Contributing + +This project welcomes contributions and suggestions. Most contributions require +you to agree to a Contributor License Agreement (CLA) declaring that you have +the right to, and actually do, grant us the rights to use your contribution. +For details, visit [https://cla.microsoft.com](https://cla.microsoft.com). + +When you submit a pull request, a CLA-bot will automatically determine whether +you need to provide a CLA and decorate the PR appropriately (e.g., label, +comment). Simply follow the instructions provided by the bot. You will only +need to do this once across all repos using our CLA. + +This project has adopted the +[Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/). +For more information, see the +[Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) +or contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with any +additional questions or comments. \ No newline at end of file diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewdefaultsettings_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewdefaultsettings_client.go new file mode 100644 index 00000000000..3a188e626fa --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewdefaultsettings_client.go @@ -0,0 +1,158 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewDefaultSettingsClient contains the methods for the AccessReviewDefaultSettings group. +// Don't use this type directly, use NewAccessReviewDefaultSettingsClient() instead. +type AccessReviewDefaultSettingsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewDefaultSettingsClient creates a new instance of AccessReviewDefaultSettingsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewDefaultSettingsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewDefaultSettingsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewDefaultSettingsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Get access review default settings for the subscription +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - options - AccessReviewDefaultSettingsClientGetOptions contains the optional parameters for the AccessReviewDefaultSettingsClient.Get +// method. +func (client *AccessReviewDefaultSettingsClient) Get(ctx context.Context, options *AccessReviewDefaultSettingsClientGetOptions) (AccessReviewDefaultSettingsClientGetResponse, error) { + var err error + const operationName = "AccessReviewDefaultSettingsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, options) + if err != nil { + return AccessReviewDefaultSettingsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewDefaultSettingsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewDefaultSettingsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AccessReviewDefaultSettingsClient) getCreateRequest(ctx context.Context, options *AccessReviewDefaultSettingsClientGetOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleSettings/default" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AccessReviewDefaultSettingsClient) getHandleResponse(resp *http.Response) (AccessReviewDefaultSettingsClientGetResponse, error) { + result := AccessReviewDefaultSettingsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDefaultSettings); err != nil { + return AccessReviewDefaultSettingsClientGetResponse{}, err + } + return result, nil +} + +// Put - Get access review default settings for the subscription +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - properties - Access review schedule settings. +// - options - AccessReviewDefaultSettingsClientPutOptions contains the optional parameters for the AccessReviewDefaultSettingsClient.Put +// method. +func (client *AccessReviewDefaultSettingsClient) Put(ctx context.Context, properties AccessReviewScheduleSettings, options *AccessReviewDefaultSettingsClientPutOptions) (AccessReviewDefaultSettingsClientPutResponse, error) { + var err error + const operationName = "AccessReviewDefaultSettingsClient.Put" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.putCreateRequest(ctx, properties, options) + if err != nil { + return AccessReviewDefaultSettingsClientPutResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewDefaultSettingsClientPutResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewDefaultSettingsClientPutResponse{}, err + } + resp, err := client.putHandleResponse(httpResp) + return resp, err +} + +// putCreateRequest creates the Put request. +func (client *AccessReviewDefaultSettingsClient) putCreateRequest(ctx context.Context, properties AccessReviewScheduleSettings, options *AccessReviewDefaultSettingsClientPutOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleSettings/default" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// putHandleResponse handles the Put response. +func (client *AccessReviewDefaultSettingsClient) putHandleResponse(resp *http.Response) (AccessReviewDefaultSettingsClientPutResponse, error) { + result := AccessReviewDefaultSettingsClientPutResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDefaultSettings); err != nil { + return AccessReviewDefaultSettingsClientPutResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinition_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinition_client.go new file mode 100644 index 00000000000..efd64bf2388 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinition_client.go @@ -0,0 +1,158 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewHistoryDefinitionClient contains the methods for the AccessReviewHistoryDefinition group. +// Don't use this type directly, use NewAccessReviewHistoryDefinitionClient() instead. +type AccessReviewHistoryDefinitionClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewHistoryDefinitionClient creates a new instance of AccessReviewHistoryDefinitionClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewHistoryDefinitionClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewHistoryDefinitionClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewHistoryDefinitionClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Create a scheduled or one-time Access Review History Definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - historyDefinitionID - The id of the access review history definition. +// - properties - Access review history definition properties. +// - options - AccessReviewHistoryDefinitionClientCreateOptions contains the optional parameters for the AccessReviewHistoryDefinitionClient.Create +// method. +func (client *AccessReviewHistoryDefinitionClient) Create(ctx context.Context, historyDefinitionID string, properties AccessReviewHistoryDefinitionProperties, options *AccessReviewHistoryDefinitionClientCreateOptions) (AccessReviewHistoryDefinitionClientCreateResponse, error) { + var err error + const operationName = "AccessReviewHistoryDefinitionClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, historyDefinitionID, properties, options) + if err != nil { + return AccessReviewHistoryDefinitionClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewHistoryDefinitionClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewHistoryDefinitionClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *AccessReviewHistoryDefinitionClient) createCreateRequest(ctx context.Context, historyDefinitionID string, properties AccessReviewHistoryDefinitionProperties, options *AccessReviewHistoryDefinitionClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *AccessReviewHistoryDefinitionClient) createHandleResponse(resp *http.Response) (AccessReviewHistoryDefinitionClientCreateResponse, error) { + result := AccessReviewHistoryDefinitionClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinition); err != nil { + return AccessReviewHistoryDefinitionClientCreateResponse{}, err + } + return result, nil +} + +// DeleteByID - Delete an access review history definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - historyDefinitionID - The id of the access review history definition. +// - options - AccessReviewHistoryDefinitionClientDeleteByIDOptions contains the optional parameters for the AccessReviewHistoryDefinitionClient.DeleteByID +// method. +func (client *AccessReviewHistoryDefinitionClient) DeleteByID(ctx context.Context, historyDefinitionID string, options *AccessReviewHistoryDefinitionClientDeleteByIDOptions) (AccessReviewHistoryDefinitionClientDeleteByIDResponse, error) { + var err error + const operationName = "AccessReviewHistoryDefinitionClient.DeleteByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteByIDCreateRequest(ctx, historyDefinitionID, options) + if err != nil { + return AccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + return AccessReviewHistoryDefinitionClientDeleteByIDResponse{}, nil +} + +// deleteByIDCreateRequest creates the DeleteByID request. +func (client *AccessReviewHistoryDefinitionClient) deleteByIDCreateRequest(ctx context.Context, historyDefinitionID string, options *AccessReviewHistoryDefinitionClientDeleteByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstance_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstance_client.go new file mode 100644 index 00000000000..10219d4217f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstance_client.go @@ -0,0 +1,110 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewHistoryDefinitionInstanceClient contains the methods for the AccessReviewHistoryDefinitionInstance group. +// Don't use this type directly, use NewAccessReviewHistoryDefinitionInstanceClient() instead. +type AccessReviewHistoryDefinitionInstanceClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewHistoryDefinitionInstanceClient creates a new instance of AccessReviewHistoryDefinitionInstanceClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewHistoryDefinitionInstanceClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewHistoryDefinitionInstanceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewHistoryDefinitionInstanceClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// GenerateDownloadURI - Generates a uri which can be used to retrieve review history data. This URI has a TTL of 1 day and +// can be retrieved by fetching the accessReviewHistoryDefinition object. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - historyDefinitionID - The id of the access review history definition. +// - instanceID - The id of the access review history definition instance to generate a URI for. +// - options - AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions contains the optional parameters for the +// AccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI method. +func (client *AccessReviewHistoryDefinitionInstanceClient) GenerateDownloadURI(ctx context.Context, historyDefinitionID string, instanceID string, options *AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error) { + var err error + const operationName = "AccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.generateDownloadURICreateRequest(ctx, historyDefinitionID, instanceID, options) + if err != nil { + return AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + resp, err := client.generateDownloadURIHandleResponse(httpResp) + return resp, err +} + +// generateDownloadURICreateRequest creates the GenerateDownloadURI request. +func (client *AccessReviewHistoryDefinitionInstanceClient) generateDownloadURICreateRequest(ctx context.Context, historyDefinitionID string, instanceID string, options *AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}/instances/{instanceId}/generateDownloadUri" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + if instanceID == "" { + return nil, errors.New("parameter instanceID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{instanceId}", url.PathEscape(instanceID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// generateDownloadURIHandleResponse handles the GenerateDownloadURI response. +func (client *AccessReviewHistoryDefinitionInstanceClient) generateDownloadURIHandleResponse(resp *http.Response) (AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error) { + result := AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryInstance); err != nil { + return AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstances_client.go new file mode 100644 index 00000000000..d49b23164b5 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitioninstances_client.go @@ -0,0 +1,104 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewHistoryDefinitionInstancesClient contains the methods for the AccessReviewHistoryDefinitionInstances group. +// Don't use this type directly, use NewAccessReviewHistoryDefinitionInstancesClient() instead. +type AccessReviewHistoryDefinitionInstancesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewHistoryDefinitionInstancesClient creates a new instance of AccessReviewHistoryDefinitionInstancesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewHistoryDefinitionInstancesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewHistoryDefinitionInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewHistoryDefinitionInstancesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review history definition instances by definition Id +// +// Generated from API version 2021-12-01-preview +// - historyDefinitionID - The id of the access review history definition. +// - options - AccessReviewHistoryDefinitionInstancesClientListOptions contains the optional parameters for the AccessReviewHistoryDefinitionInstancesClient.NewListPager +// method. +func (client *AccessReviewHistoryDefinitionInstancesClient) NewListPager(historyDefinitionID string, options *AccessReviewHistoryDefinitionInstancesClientListOptions) *runtime.Pager[AccessReviewHistoryDefinitionInstancesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewHistoryDefinitionInstancesClientListResponse]{ + More: func(page AccessReviewHistoryDefinitionInstancesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewHistoryDefinitionInstancesClientListResponse) (AccessReviewHistoryDefinitionInstancesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewHistoryDefinitionInstancesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, historyDefinitionID, options) + }, nil) + if err != nil { + return AccessReviewHistoryDefinitionInstancesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewHistoryDefinitionInstancesClient) listCreateRequest(ctx context.Context, historyDefinitionID string, options *AccessReviewHistoryDefinitionInstancesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}/instances" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewHistoryDefinitionInstancesClient) listHandleResponse(resp *http.Response) (AccessReviewHistoryDefinitionInstancesClientListResponse, error) { + result := AccessReviewHistoryDefinitionInstancesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinitionInstanceListResult); err != nil { + return AccessReviewHistoryDefinitionInstancesClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitions_client.go new file mode 100644 index 00000000000..364b8a49ed4 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewhistorydefinitions_client.go @@ -0,0 +1,165 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewHistoryDefinitionsClient contains the methods for the AccessReviewHistoryDefinitions group. +// Don't use this type directly, use NewAccessReviewHistoryDefinitionsClient() instead. +type AccessReviewHistoryDefinitionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewHistoryDefinitionsClient creates a new instance of AccessReviewHistoryDefinitionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewHistoryDefinitionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewHistoryDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewHistoryDefinitionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// GetByID - Get access review history definition by definition Id +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - historyDefinitionID - The id of the access review history definition. +// - options - AccessReviewHistoryDefinitionsClientGetByIDOptions contains the optional parameters for the AccessReviewHistoryDefinitionsClient.GetByID +// method. +func (client *AccessReviewHistoryDefinitionsClient) GetByID(ctx context.Context, historyDefinitionID string, options *AccessReviewHistoryDefinitionsClientGetByIDOptions) (AccessReviewHistoryDefinitionsClientGetByIDResponse, error) { + var err error + const operationName = "AccessReviewHistoryDefinitionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, historyDefinitionID, options) + if err != nil { + return AccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *AccessReviewHistoryDefinitionsClient) getByIDCreateRequest(ctx context.Context, historyDefinitionID string, options *AccessReviewHistoryDefinitionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *AccessReviewHistoryDefinitionsClient) getByIDHandleResponse(resp *http.Response) (AccessReviewHistoryDefinitionsClientGetByIDResponse, error) { + result := AccessReviewHistoryDefinitionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinition); err != nil { + return AccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Lists the accessReviewHistoryDefinitions available from this provider, definition instances are only available +// for 30 days after creation. +// +// Generated from API version 2021-12-01-preview +// - options - AccessReviewHistoryDefinitionsClientListOptions contains the optional parameters for the AccessReviewHistoryDefinitionsClient.NewListPager +// method. +func (client *AccessReviewHistoryDefinitionsClient) NewListPager(options *AccessReviewHistoryDefinitionsClientListOptions) *runtime.Pager[AccessReviewHistoryDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewHistoryDefinitionsClientListResponse]{ + More: func(page AccessReviewHistoryDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewHistoryDefinitionsClientListResponse) (AccessReviewHistoryDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewHistoryDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return AccessReviewHistoryDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewHistoryDefinitionsClient) listCreateRequest(ctx context.Context, options *AccessReviewHistoryDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewHistoryDefinitionsClient) listHandleResponse(resp *http.Response) (AccessReviewHistoryDefinitionsClientListResponse, error) { + result := AccessReviewHistoryDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinitionListResult); err != nil { + return AccessReviewHistoryDefinitionsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstance_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstance_client.go new file mode 100644 index 00000000000..f4fcd0780cf --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstance_client.go @@ -0,0 +1,315 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstanceClient contains the methods for the AccessReviewInstance group. +// Don't use this type directly, use NewAccessReviewInstanceClient() instead. +type AccessReviewInstanceClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewInstanceClient creates a new instance of AccessReviewInstanceClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstanceClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstanceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstanceClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// AcceptRecommendations - An action to accept recommendations for decision in an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceClientAcceptRecommendationsOptions contains the optional parameters for the AccessReviewInstanceClient.AcceptRecommendations +// method. +func (client *AccessReviewInstanceClient) AcceptRecommendations(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientAcceptRecommendationsOptions) (AccessReviewInstanceClientAcceptRecommendationsResponse, error) { + var err error + const operationName = "AccessReviewInstanceClient.AcceptRecommendations" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.acceptRecommendationsCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstanceClientAcceptRecommendationsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceClientAcceptRecommendationsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceClientAcceptRecommendationsResponse{}, err + } + return AccessReviewInstanceClientAcceptRecommendationsResponse{}, nil +} + +// acceptRecommendationsCreateRequest creates the AcceptRecommendations request. +func (client *AccessReviewInstanceClient) acceptRecommendationsCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientAcceptRecommendationsOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/acceptRecommendations" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// ApplyDecisions - An action to apply all decisions for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceClientApplyDecisionsOptions contains the optional parameters for the AccessReviewInstanceClient.ApplyDecisions +// method. +func (client *AccessReviewInstanceClient) ApplyDecisions(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientApplyDecisionsOptions) (AccessReviewInstanceClientApplyDecisionsResponse, error) { + var err error + const operationName = "AccessReviewInstanceClient.ApplyDecisions" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.applyDecisionsCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstanceClientApplyDecisionsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceClientApplyDecisionsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceClientApplyDecisionsResponse{}, err + } + return AccessReviewInstanceClientApplyDecisionsResponse{}, nil +} + +// applyDecisionsCreateRequest creates the ApplyDecisions request. +func (client *AccessReviewInstanceClient) applyDecisionsCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientApplyDecisionsOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/applyDecisions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// ResetDecisions - An action to reset all decisions for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceClientResetDecisionsOptions contains the optional parameters for the AccessReviewInstanceClient.ResetDecisions +// method. +func (client *AccessReviewInstanceClient) ResetDecisions(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientResetDecisionsOptions) (AccessReviewInstanceClientResetDecisionsResponse, error) { + var err error + const operationName = "AccessReviewInstanceClient.ResetDecisions" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.resetDecisionsCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstanceClientResetDecisionsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceClientResetDecisionsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceClientResetDecisionsResponse{}, err + } + return AccessReviewInstanceClientResetDecisionsResponse{}, nil +} + +// resetDecisionsCreateRequest creates the ResetDecisions request. +func (client *AccessReviewInstanceClient) resetDecisionsCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientResetDecisionsOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/resetDecisions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// SendReminders - An action to send reminders for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceClientSendRemindersOptions contains the optional parameters for the AccessReviewInstanceClient.SendReminders +// method. +func (client *AccessReviewInstanceClient) SendReminders(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientSendRemindersOptions) (AccessReviewInstanceClientSendRemindersResponse, error) { + var err error + const operationName = "AccessReviewInstanceClient.SendReminders" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.sendRemindersCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstanceClientSendRemindersResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceClientSendRemindersResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceClientSendRemindersResponse{}, err + } + return AccessReviewInstanceClientSendRemindersResponse{}, nil +} + +// sendRemindersCreateRequest creates the SendReminders request. +func (client *AccessReviewInstanceClient) sendRemindersCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientSendRemindersOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/sendReminders" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Stop - An action to stop an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceClientStopOptions contains the optional parameters for the AccessReviewInstanceClient.Stop +// method. +func (client *AccessReviewInstanceClient) Stop(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientStopOptions) (AccessReviewInstanceClientStopResponse, error) { + var err error + const operationName = "AccessReviewInstanceClient.Stop" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.stopCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstanceClientStopResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceClientStopResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceClientStopResponse{}, err + } + return AccessReviewInstanceClientStopResponse{}, nil +} + +// stopCreateRequest creates the Stop request. +func (client *AccessReviewInstanceClient) stopCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceClientStopOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/stop" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancecontactedreviewers_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancecontactedreviewers_client.go new file mode 100644 index 00000000000..cf1084ac79a --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancecontactedreviewers_client.go @@ -0,0 +1,109 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstanceContactedReviewersClient contains the methods for the AccessReviewInstanceContactedReviewers group. +// Don't use this type directly, use NewAccessReviewInstanceContactedReviewersClient() instead. +type AccessReviewInstanceContactedReviewersClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewInstanceContactedReviewersClient creates a new instance of AccessReviewInstanceContactedReviewersClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstanceContactedReviewersClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstanceContactedReviewersClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstanceContactedReviewersClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instance contacted reviewers +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the AccessReviewInstanceContactedReviewersClient.NewListPager +// method. +func (client *AccessReviewInstanceContactedReviewersClient) NewListPager(scheduleDefinitionID string, id string, options *AccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[AccessReviewInstanceContactedReviewersClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewInstanceContactedReviewersClientListResponse]{ + More: func(page AccessReviewInstanceContactedReviewersClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewInstanceContactedReviewersClientListResponse) (AccessReviewInstanceContactedReviewersClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewInstanceContactedReviewersClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return AccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewInstanceContactedReviewersClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceContactedReviewersClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/contactedReviewers" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewInstanceContactedReviewersClient) listHandleResponse(resp *http.Response) (AccessReviewInstanceContactedReviewersClientListResponse, error) { + result := AccessReviewInstanceContactedReviewersClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewContactedReviewerListResult); err != nil { + return AccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancedecisions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancedecisions_client.go new file mode 100644 index 00000000000..0df9ec88167 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancedecisions_client.go @@ -0,0 +1,114 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstanceDecisionsClient contains the methods for the AccessReviewInstanceDecisions group. +// Don't use this type directly, use NewAccessReviewInstanceDecisionsClient() instead. +type AccessReviewInstanceDecisionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewInstanceDecisionsClient creates a new instance of AccessReviewInstanceDecisionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstanceDecisionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstanceDecisionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstanceDecisionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instance decisions +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceDecisionsClientListOptions contains the optional parameters for the AccessReviewInstanceDecisionsClient.NewListPager +// method. +func (client *AccessReviewInstanceDecisionsClient) NewListPager(scheduleDefinitionID string, id string, options *AccessReviewInstanceDecisionsClientListOptions) *runtime.Pager[AccessReviewInstanceDecisionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewInstanceDecisionsClientListResponse]{ + More: func(page AccessReviewInstanceDecisionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewInstanceDecisionsClientListResponse) (AccessReviewInstanceDecisionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewInstanceDecisionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return AccessReviewInstanceDecisionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewInstanceDecisionsClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceDecisionsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/decisions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewInstanceDecisionsClient) listHandleResponse(resp *http.Response) (AccessReviewInstanceDecisionsClientListResponse, error) { + result := AccessReviewInstanceDecisionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDecisionListResult); err != nil { + return AccessReviewInstanceDecisionsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancemydecisions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancemydecisions_client.go new file mode 100644 index 00000000000..0dfd20292aa --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancemydecisions_client.go @@ -0,0 +1,243 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstanceMyDecisionsClient contains the methods for the AccessReviewInstanceMyDecisions group. +// Don't use this type directly, use NewAccessReviewInstanceMyDecisionsClient() instead. +type AccessReviewInstanceMyDecisionsClient struct { + internal *arm.Client +} + +// NewAccessReviewInstanceMyDecisionsClient creates a new instance of AccessReviewInstanceMyDecisionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstanceMyDecisionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstanceMyDecisionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstanceMyDecisionsClient{ + internal: cl, + } + return client, nil +} + +// GetByID - Get my single access review instance decision. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - decisionID - The id of the decision record. +// - options - AccessReviewInstanceMyDecisionsClientGetByIDOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.GetByID +// method. +func (client *AccessReviewInstanceMyDecisionsClient) GetByID(ctx context.Context, scheduleDefinitionID string, id string, decisionID string, options *AccessReviewInstanceMyDecisionsClientGetByIDOptions) (AccessReviewInstanceMyDecisionsClientGetByIDResponse, error) { + var err error + const operationName = "AccessReviewInstanceMyDecisionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scheduleDefinitionID, id, decisionID, options) + if err != nil { + return AccessReviewInstanceMyDecisionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceMyDecisionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceMyDecisionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *AccessReviewInstanceMyDecisionsClient) getByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, decisionID string, options *AccessReviewInstanceMyDecisionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/decisions/{decisionId}" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + if decisionID == "" { + return nil, errors.New("parameter decisionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{decisionId}", url.PathEscape(decisionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *AccessReviewInstanceMyDecisionsClient) getByIDHandleResponse(resp *http.Response) (AccessReviewInstanceMyDecisionsClientGetByIDResponse, error) { + result := AccessReviewInstanceMyDecisionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDecision); err != nil { + return AccessReviewInstanceMyDecisionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get my access review instance decisions. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstanceMyDecisionsClientListOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.NewListPager +// method. +func (client *AccessReviewInstanceMyDecisionsClient) NewListPager(scheduleDefinitionID string, id string, options *AccessReviewInstanceMyDecisionsClientListOptions) *runtime.Pager[AccessReviewInstanceMyDecisionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewInstanceMyDecisionsClientListResponse]{ + More: func(page AccessReviewInstanceMyDecisionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewInstanceMyDecisionsClientListResponse) (AccessReviewInstanceMyDecisionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewInstanceMyDecisionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return AccessReviewInstanceMyDecisionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewInstanceMyDecisionsClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstanceMyDecisionsClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/decisions" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewInstanceMyDecisionsClient) listHandleResponse(resp *http.Response) (AccessReviewInstanceMyDecisionsClientListResponse, error) { + result := AccessReviewInstanceMyDecisionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDecisionListResult); err != nil { + return AccessReviewInstanceMyDecisionsClientListResponse{}, err + } + return result, nil +} + +// Patch - Record a decision. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - decisionID - The id of the decision record. +// - properties - Access review decision properties to patch. +// - options - AccessReviewInstanceMyDecisionsClientPatchOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.Patch +// method. +func (client *AccessReviewInstanceMyDecisionsClient) Patch(ctx context.Context, scheduleDefinitionID string, id string, decisionID string, properties AccessReviewDecisionProperties, options *AccessReviewInstanceMyDecisionsClientPatchOptions) (AccessReviewInstanceMyDecisionsClientPatchResponse, error) { + var err error + const operationName = "AccessReviewInstanceMyDecisionsClient.Patch" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.patchCreateRequest(ctx, scheduleDefinitionID, id, decisionID, properties, options) + if err != nil { + return AccessReviewInstanceMyDecisionsClientPatchResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstanceMyDecisionsClientPatchResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstanceMyDecisionsClientPatchResponse{}, err + } + resp, err := client.patchHandleResponse(httpResp) + return resp, err +} + +// patchCreateRequest creates the Patch request. +func (client *AccessReviewInstanceMyDecisionsClient) patchCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, decisionID string, properties AccessReviewDecisionProperties, options *AccessReviewInstanceMyDecisionsClientPatchOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/decisions/{decisionId}" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + if decisionID == "" { + return nil, errors.New("parameter decisionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{decisionId}", url.PathEscape(decisionID)) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// patchHandleResponse handles the Patch response. +func (client *AccessReviewInstanceMyDecisionsClient) patchHandleResponse(resp *http.Response) (AccessReviewInstanceMyDecisionsClientPatchResponse, error) { + result := AccessReviewInstanceMyDecisionsClientPatchResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDecision); err != nil { + return AccessReviewInstanceMyDecisionsClientPatchResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstances_client.go new file mode 100644 index 00000000000..0323f15fe6f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstances_client.go @@ -0,0 +1,243 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstancesClient contains the methods for the AccessReviewInstances group. +// Don't use this type directly, use NewAccessReviewInstancesClient() instead. +type AccessReviewInstancesClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewInstancesClient creates a new instance of AccessReviewInstancesClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstancesClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstancesClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Update access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - properties - Access review instance properties. +// - options - AccessReviewInstancesClientCreateOptions contains the optional parameters for the AccessReviewInstancesClient.Create +// method. +func (client *AccessReviewInstancesClient) Create(ctx context.Context, scheduleDefinitionID string, id string, properties AccessReviewInstanceProperties, options *AccessReviewInstancesClientCreateOptions) (AccessReviewInstancesClientCreateResponse, error) { + var err error + const operationName = "AccessReviewInstancesClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scheduleDefinitionID, id, properties, options) + if err != nil { + return AccessReviewInstancesClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstancesClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstancesClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *AccessReviewInstancesClient) createCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, properties AccessReviewInstanceProperties, options *AccessReviewInstancesClientCreateOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *AccessReviewInstancesClient) createHandleResponse(resp *http.Response) (AccessReviewInstancesClientCreateResponse, error) { + result := AccessReviewInstancesClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstance); err != nil { + return AccessReviewInstancesClientCreateResponse{}, err + } + return result, nil +} + +// GetByID - Get access review instances +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstancesClientGetByIDOptions contains the optional parameters for the AccessReviewInstancesClient.GetByID +// method. +func (client *AccessReviewInstancesClient) GetByID(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstancesClientGetByIDOptions) (AccessReviewInstancesClientGetByIDResponse, error) { + var err error + const operationName = "AccessReviewInstancesClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstancesClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstancesClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstancesClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *AccessReviewInstancesClient) getByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstancesClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *AccessReviewInstancesClient) getByIDHandleResponse(resp *http.Response) (AccessReviewInstancesClientGetByIDResponse, error) { + result := AccessReviewInstancesClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstance); err != nil { + return AccessReviewInstancesClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get access review instances +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - AccessReviewInstancesClientListOptions contains the optional parameters for the AccessReviewInstancesClient.NewListPager +// method. +func (client *AccessReviewInstancesClient) NewListPager(scheduleDefinitionID string, options *AccessReviewInstancesClientListOptions) *runtime.Pager[AccessReviewInstancesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewInstancesClientListResponse]{ + More: func(page AccessReviewInstancesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewInstancesClientListResponse) (AccessReviewInstancesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewInstancesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, options) + }, nil) + if err != nil { + return AccessReviewInstancesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewInstancesClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, options *AccessReviewInstancesClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewInstancesClient) listHandleResponse(resp *http.Response) (AccessReviewInstancesClientListResponse, error) { + result := AccessReviewInstancesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstanceListResult); err != nil { + return AccessReviewInstancesClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancesassignedformyapproval_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancesassignedformyapproval_client.go new file mode 100644 index 00000000000..ef06f1b6566 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewinstancesassignedformyapproval_client.go @@ -0,0 +1,163 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewInstancesAssignedForMyApprovalClient contains the methods for the AccessReviewInstancesAssignedForMyApproval group. +// Don't use this type directly, use NewAccessReviewInstancesAssignedForMyApprovalClient() instead. +type AccessReviewInstancesAssignedForMyApprovalClient struct { + internal *arm.Client +} + +// NewAccessReviewInstancesAssignedForMyApprovalClient creates a new instance of AccessReviewInstancesAssignedForMyApprovalClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewInstancesAssignedForMyApprovalClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewInstancesAssignedForMyApprovalClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewInstancesAssignedForMyApprovalClient{ + internal: cl, + } + return client, nil +} + +// GetByID - Get single access review instance assigned for my approval. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions contains the optional parameters for the AccessReviewInstancesAssignedForMyApprovalClient.GetByID +// method. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) GetByID(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions) (AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse, error) { + var err error + const operationName = "AccessReviewInstancesAssignedForMyApprovalClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scheduleDefinitionID, id, options) + if err != nil { + return AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) getByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) getByIDHandleResponse(resp *http.Response) (AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse, error) { + result := AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstance); err != nil { + return AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get access review instances assigned for my approval. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - AccessReviewInstancesAssignedForMyApprovalClientListOptions contains the optional parameters for the AccessReviewInstancesAssignedForMyApprovalClient.NewListPager +// method. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) NewListPager(scheduleDefinitionID string, options *AccessReviewInstancesAssignedForMyApprovalClientListOptions) *runtime.Pager[AccessReviewInstancesAssignedForMyApprovalClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewInstancesAssignedForMyApprovalClientListResponse]{ + More: func(page AccessReviewInstancesAssignedForMyApprovalClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewInstancesAssignedForMyApprovalClientListResponse) (AccessReviewInstancesAssignedForMyApprovalClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewInstancesAssignedForMyApprovalClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, options) + }, nil) + if err != nil { + return AccessReviewInstancesAssignedForMyApprovalClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, options *AccessReviewInstancesAssignedForMyApprovalClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewInstancesAssignedForMyApprovalClient) listHandleResponse(resp *http.Response) (AccessReviewInstancesAssignedForMyApprovalClientListResponse, error) { + result := AccessReviewInstancesAssignedForMyApprovalClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstanceListResult); err != nil { + return AccessReviewInstancesAssignedForMyApprovalClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitions_client.go new file mode 100644 index 00000000000..ea70770a497 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitions_client.go @@ -0,0 +1,328 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// AccessReviewScheduleDefinitionsClient contains the methods for the AccessReviewScheduleDefinitions group. +// Don't use this type directly, use NewAccessReviewScheduleDefinitionsClient() instead. +type AccessReviewScheduleDefinitionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewAccessReviewScheduleDefinitionsClient creates a new instance of AccessReviewScheduleDefinitionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewScheduleDefinitionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewScheduleDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewScheduleDefinitionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// CreateOrUpdateByID - Create or Update access review schedule definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - properties - Access review schedule definition properties. +// - options - AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.CreateOrUpdateByID +// method. +func (client *AccessReviewScheduleDefinitionsClient) CreateOrUpdateByID(ctx context.Context, scheduleDefinitionID string, properties AccessReviewScheduleDefinitionProperties, options *AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error) { + var err error + const operationName = "AccessReviewScheduleDefinitionsClient.CreateOrUpdateByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateByIDCreateRequest(ctx, scheduleDefinitionID, properties, options) + if err != nil { + return AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + resp, err := client.createOrUpdateByIDHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateByIDCreateRequest creates the CreateOrUpdateByID request. +func (client *AccessReviewScheduleDefinitionsClient) createOrUpdateByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, properties AccessReviewScheduleDefinitionProperties, options *AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateByIDHandleResponse handles the CreateOrUpdateByID response. +func (client *AccessReviewScheduleDefinitionsClient) createOrUpdateByIDHandleResponse(resp *http.Response) (AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error) { + result := AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinition); err != nil { + return AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + return result, nil +} + +// DeleteByID - Delete access review schedule definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - AccessReviewScheduleDefinitionsClientDeleteByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.DeleteByID +// method. +func (client *AccessReviewScheduleDefinitionsClient) DeleteByID(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientDeleteByIDOptions) (AccessReviewScheduleDefinitionsClientDeleteByIDResponse, error) { + var err error + const operationName = "AccessReviewScheduleDefinitionsClient.DeleteByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteByIDCreateRequest(ctx, scheduleDefinitionID, options) + if err != nil { + return AccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + return AccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, nil +} + +// deleteByIDCreateRequest creates the DeleteByID request. +func (client *AccessReviewScheduleDefinitionsClient) deleteByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientDeleteByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// GetByID - Get single access review definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - AccessReviewScheduleDefinitionsClientGetByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.GetByID +// method. +func (client *AccessReviewScheduleDefinitionsClient) GetByID(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientGetByIDOptions) (AccessReviewScheduleDefinitionsClientGetByIDResponse, error) { + var err error + const operationName = "AccessReviewScheduleDefinitionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scheduleDefinitionID, options) + if err != nil { + return AccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *AccessReviewScheduleDefinitionsClient) getByIDCreateRequest(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *AccessReviewScheduleDefinitionsClient) getByIDHandleResponse(resp *http.Response) (AccessReviewScheduleDefinitionsClientGetByIDResponse, error) { + result := AccessReviewScheduleDefinitionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinition); err != nil { + return AccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get access review schedule definitions +// +// Generated from API version 2021-12-01-preview +// - options - AccessReviewScheduleDefinitionsClientListOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.NewListPager +// method. +func (client *AccessReviewScheduleDefinitionsClient) NewListPager(options *AccessReviewScheduleDefinitionsClientListOptions) *runtime.Pager[AccessReviewScheduleDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewScheduleDefinitionsClientListResponse]{ + More: func(page AccessReviewScheduleDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewScheduleDefinitionsClientListResponse) (AccessReviewScheduleDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewScheduleDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return AccessReviewScheduleDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewScheduleDefinitionsClient) listCreateRequest(ctx context.Context, options *AccessReviewScheduleDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewScheduleDefinitionsClient) listHandleResponse(resp *http.Response) (AccessReviewScheduleDefinitionsClientListResponse, error) { + result := AccessReviewScheduleDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinitionListResult); err != nil { + return AccessReviewScheduleDefinitionsClientListResponse{}, err + } + return result, nil +} + +// Stop - Stop access review definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - AccessReviewScheduleDefinitionsClientStopOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.Stop +// method. +func (client *AccessReviewScheduleDefinitionsClient) Stop(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientStopOptions) (AccessReviewScheduleDefinitionsClientStopResponse, error) { + var err error + const operationName = "AccessReviewScheduleDefinitionsClient.Stop" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.stopCreateRequest(ctx, scheduleDefinitionID, options) + if err != nil { + return AccessReviewScheduleDefinitionsClientStopResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AccessReviewScheduleDefinitionsClientStopResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AccessReviewScheduleDefinitionsClientStopResponse{}, err + } + return AccessReviewScheduleDefinitionsClientStopResponse{}, nil +} + +// stopCreateRequest creates the Stop request. +func (client *AccessReviewScheduleDefinitionsClient) stopCreateRequest(ctx context.Context, scheduleDefinitionID string, options *AccessReviewScheduleDefinitionsClientStopOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/stop" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitionsassignedformyapproval_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitionsassignedformyapproval_client.go new file mode 100644 index 00000000000..698d468a752 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/accessreviewscheduledefinitionsassignedformyapproval_client.go @@ -0,0 +1,95 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AccessReviewScheduleDefinitionsAssignedForMyApprovalClient contains the methods for the AccessReviewScheduleDefinitionsAssignedForMyApproval group. +// Don't use this type directly, use NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient() instead. +type AccessReviewScheduleDefinitionsAssignedForMyApprovalClient struct { + internal *arm.Client +} + +// NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient creates a new instance of AccessReviewScheduleDefinitionsAssignedForMyApprovalClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AccessReviewScheduleDefinitionsAssignedForMyApprovalClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AccessReviewScheduleDefinitionsAssignedForMyApprovalClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instances assigned for my approval. +// +// Generated from API version 2021-12-01-preview +// - options - AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions contains the optional parameters for the +// AccessReviewScheduleDefinitionsAssignedForMyApprovalClient.NewListPager method. +func (client *AccessReviewScheduleDefinitionsAssignedForMyApprovalClient) NewListPager(options *AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions) *runtime.Pager[AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse]{ + More: func(page AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse) (AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AccessReviewScheduleDefinitionsAssignedForMyApprovalClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *AccessReviewScheduleDefinitionsAssignedForMyApprovalClient) listCreateRequest(ctx context.Context, options *AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions" + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *AccessReviewScheduleDefinitionsAssignedForMyApprovalClient) listHandleResponse(resp *http.Response) (AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse, error) { + result := AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinitionListResult); err != nil { + return AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertconfigurations_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertconfigurations_client.go new file mode 100644 index 00000000000..25ff2d4b9d9 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertconfigurations_client.go @@ -0,0 +1,200 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AlertConfigurationsClient contains the methods for the AlertConfigurations group. +// Don't use this type directly, use NewAlertConfigurationsClient() instead. +type AlertConfigurationsClient struct { + internal *arm.Client +} + +// NewAlertConfigurationsClient creates a new instance of AlertConfigurationsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertConfigurationsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertConfigurationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertConfigurationsClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified alert configuration. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert configuration. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' +// for a subscription, +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource +// group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - alertID - The name of the alert configuration to get. +// - options - AlertConfigurationsClientGetOptions contains the optional parameters for the AlertConfigurationsClient.Get method. +func (client *AlertConfigurationsClient) Get(ctx context.Context, scope string, alertID string, options *AlertConfigurationsClientGetOptions) (AlertConfigurationsClientGetResponse, error) { + var err error + const operationName = "AlertConfigurationsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, alertID, options) + if err != nil { + return AlertConfigurationsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertConfigurationsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AlertConfigurationsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AlertConfigurationsClient) getCreateRequest(ctx context.Context, scope string, alertID string, options *AlertConfigurationsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertConfigurations/{alertId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AlertConfigurationsClient) getHandleResponse(resp *http.Response) (AlertConfigurationsClientGetResponse, error) { + result := AlertConfigurationsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertConfiguration); err != nil { + return AlertConfigurationsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets alert configurations for a resource scope. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert configuration. +// - options - AlertConfigurationsClientListForScopeOptions contains the optional parameters for the AlertConfigurationsClient.NewListForScopePager +// method. +func (client *AlertConfigurationsClient) NewListForScopePager(scope string, options *AlertConfigurationsClientListForScopeOptions) *runtime.Pager[AlertConfigurationsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[AlertConfigurationsClientListForScopeResponse]{ + More: func(page AlertConfigurationsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AlertConfigurationsClientListForScopeResponse) (AlertConfigurationsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AlertConfigurationsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return AlertConfigurationsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *AlertConfigurationsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *AlertConfigurationsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertConfigurations" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *AlertConfigurationsClient) listForScopeHandleResponse(resp *http.Response) (AlertConfigurationsClientListForScopeResponse, error) { + result := AlertConfigurationsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertConfigurationListResult); err != nil { + return AlertConfigurationsClientListForScopeResponse{}, err + } + return result, nil +} + +// Update - Update an alert configuration. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert configuration. +// - alertID - The name of the alert configuration to update. +// - parameters - Parameters for the alert configuration. +// - options - AlertConfigurationsClientUpdateOptions contains the optional parameters for the AlertConfigurationsClient.Update +// method. +func (client *AlertConfigurationsClient) Update(ctx context.Context, scope string, alertID string, parameters AlertConfiguration, options *AlertConfigurationsClientUpdateOptions) (AlertConfigurationsClientUpdateResponse, error) { + var err error + const operationName = "AlertConfigurationsClient.Update" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.updateCreateRequest(ctx, scope, alertID, parameters, options) + if err != nil { + return AlertConfigurationsClientUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertConfigurationsClientUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AlertConfigurationsClientUpdateResponse{}, err + } + return AlertConfigurationsClientUpdateResponse{}, nil +} + +// updateCreateRequest creates the Update request. +func (client *AlertConfigurationsClient) updateCreateRequest(ctx context.Context, scope string, alertID string, parameters AlertConfiguration, options *AlertConfigurationsClientUpdateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertConfigurations/{alertId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertdefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertdefinitions_client.go new file mode 100644 index 00000000000..df5cdbfcaf5 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertdefinitions_client.go @@ -0,0 +1,151 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AlertDefinitionsClient contains the methods for the AlertDefinitions group. +// Don't use this type directly, use NewAlertDefinitionsClient() instead. +type AlertDefinitionsClient struct { + internal *arm.Client +} + +// NewAlertDefinitionsClient creates a new instance of AlertDefinitionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertDefinitionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertDefinitionsClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified alert definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert definition. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' +// for a subscription, +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource +// group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - alertDefinitionID - The name of the alert definition to get. +// - options - AlertDefinitionsClientGetOptions contains the optional parameters for the AlertDefinitionsClient.Get method. +func (client *AlertDefinitionsClient) Get(ctx context.Context, scope string, alertDefinitionID string, options *AlertDefinitionsClientGetOptions) (AlertDefinitionsClientGetResponse, error) { + var err error + const operationName = "AlertDefinitionsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, alertDefinitionID, options) + if err != nil { + return AlertDefinitionsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertDefinitionsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AlertDefinitionsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AlertDefinitionsClient) getCreateRequest(ctx context.Context, scope string, alertDefinitionID string, options *AlertDefinitionsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertDefinitions/{alertDefinitionId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertDefinitionId}", alertDefinitionID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AlertDefinitionsClient) getHandleResponse(resp *http.Response) (AlertDefinitionsClientGetResponse, error) { + result := AlertDefinitionsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertDefinition); err != nil { + return AlertDefinitionsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets alert definitions for a resource scope. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert definition. +// - options - AlertDefinitionsClientListForScopeOptions contains the optional parameters for the AlertDefinitionsClient.NewListForScopePager +// method. +func (client *AlertDefinitionsClient) NewListForScopePager(scope string, options *AlertDefinitionsClientListForScopeOptions) *runtime.Pager[AlertDefinitionsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[AlertDefinitionsClientListForScopeResponse]{ + More: func(page AlertDefinitionsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AlertDefinitionsClientListForScopeResponse) (AlertDefinitionsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AlertDefinitionsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return AlertDefinitionsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *AlertDefinitionsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *AlertDefinitionsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertDefinitions" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *AlertDefinitionsClient) listForScopeHandleResponse(resp *http.Response) (AlertDefinitionsClientListForScopeResponse, error) { + result := AlertDefinitionsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertDefinitionListResult); err != nil { + return AlertDefinitionsClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertincidents_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertincidents_client.go new file mode 100644 index 00000000000..e410a91bbc9 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertincidents_client.go @@ -0,0 +1,202 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AlertIncidentsClient contains the methods for the AlertIncidents group. +// Don't use this type directly, use NewAlertIncidentsClient() instead. +type AlertIncidentsClient struct { + internal *arm.Client +} + +// NewAlertIncidentsClient creates a new instance of AlertIncidentsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertIncidentsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertIncidentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertIncidentsClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified alert incident. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert incident. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' +// for a subscription, +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource +// group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - alertID - The name of the alert. +// - alertIncidentID - The name of the alert incident to get. +// - options - AlertIncidentsClientGetOptions contains the optional parameters for the AlertIncidentsClient.Get method. +func (client *AlertIncidentsClient) Get(ctx context.Context, scope string, alertID string, alertIncidentID string, options *AlertIncidentsClientGetOptions) (AlertIncidentsClientGetResponse, error) { + var err error + const operationName = "AlertIncidentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, alertID, alertIncidentID, options) + if err != nil { + return AlertIncidentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertIncidentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AlertIncidentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AlertIncidentsClient) getCreateRequest(ctx context.Context, scope string, alertID string, alertIncidentID string, options *AlertIncidentsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}/alertIncidents/{alertIncidentId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + urlPath = strings.ReplaceAll(urlPath, "{alertIncidentId}", alertIncidentID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AlertIncidentsClient) getHandleResponse(resp *http.Response) (AlertIncidentsClientGetResponse, error) { + result := AlertIncidentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertIncident); err != nil { + return AlertIncidentsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets alert incidents for a resource scope. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert incident. +// - alertID - The name of the alert. +// - options - AlertIncidentsClientListForScopeOptions contains the optional parameters for the AlertIncidentsClient.NewListForScopePager +// method. +func (client *AlertIncidentsClient) NewListForScopePager(scope string, alertID string, options *AlertIncidentsClientListForScopeOptions) *runtime.Pager[AlertIncidentsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[AlertIncidentsClientListForScopeResponse]{ + More: func(page AlertIncidentsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AlertIncidentsClientListForScopeResponse) (AlertIncidentsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AlertIncidentsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, alertID, options) + }, nil) + if err != nil { + return AlertIncidentsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *AlertIncidentsClient) listForScopeCreateRequest(ctx context.Context, scope string, alertID string, options *AlertIncidentsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}/alertIncidents" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *AlertIncidentsClient) listForScopeHandleResponse(resp *http.Response) (AlertIncidentsClientListForScopeResponse, error) { + result := AlertIncidentsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertIncidentListResult); err != nil { + return AlertIncidentsClientListForScopeResponse{}, err + } + return result, nil +} + +// Remediate - Remediate an alert incident. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert incident. +// - alertID - The name of the alert. +// - alertIncidentID - The name of the alert incident to remediate. +// - options - AlertIncidentsClientRemediateOptions contains the optional parameters for the AlertIncidentsClient.Remediate +// method. +func (client *AlertIncidentsClient) Remediate(ctx context.Context, scope string, alertID string, alertIncidentID string, options *AlertIncidentsClientRemediateOptions) (AlertIncidentsClientRemediateResponse, error) { + var err error + const operationName = "AlertIncidentsClient.Remediate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.remediateCreateRequest(ctx, scope, alertID, alertIncidentID, options) + if err != nil { + return AlertIncidentsClientRemediateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertIncidentsClientRemediateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AlertIncidentsClientRemediateResponse{}, err + } + return AlertIncidentsClientRemediateResponse{}, nil +} + +// remediateCreateRequest creates the Remediate request. +func (client *AlertIncidentsClient) remediateCreateRequest(ctx context.Context, scope string, alertID string, alertIncidentID string, options *AlertIncidentsClientRemediateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}/alertIncidents/{alertIncidentId}/remediate" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + urlPath = strings.ReplaceAll(urlPath, "{alertIncidentId}", alertIncidentID) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertoperation_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertoperation_client.go new file mode 100644 index 00000000000..b2db3a48aeb --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alertoperation_client.go @@ -0,0 +1,93 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AlertOperationClient contains the methods for the AlertOperation group. +// Don't use this type directly, use NewAlertOperationClient() instead. +type AlertOperationClient struct { + internal *arm.Client +} + +// NewAlertOperationClient creates a new instance of AlertOperationClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertOperationClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertOperationClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertOperationClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified alert operation. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert operation. +// - operationID - The id of the alert operation. +// - options - AlertOperationClientGetOptions contains the optional parameters for the AlertOperationClient.Get method. +func (client *AlertOperationClient) Get(ctx context.Context, scope string, operationID string, options *AlertOperationClientGetOptions) (AlertOperationClientGetResponse, error) { + var err error + const operationName = "AlertOperationClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, operationID, options) + if err != nil { + return AlertOperationClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertOperationClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AlertOperationClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AlertOperationClient) getCreateRequest(ctx context.Context, scope string, operationID string, options *AlertOperationClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlertOperations/{operationId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{operationId}", operationID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AlertOperationClient) getHandleResponse(resp *http.Response) (AlertOperationClientGetResponse, error) { + result := AlertOperationClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertOperationResult); err != nil { + return AlertOperationClientGetResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alerts_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alerts_client.go new file mode 100644 index 00000000000..72c09a70039 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/alerts_client.go @@ -0,0 +1,328 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// AlertsClient contains the methods for the Alerts group. +// Don't use this type directly, use NewAlertsClient() instead. +type AlertsClient struct { + internal *arm.Client +} + +// NewAlertsClient creates a new instance of AlertsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewAlertsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*AlertsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &AlertsClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified alert. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' +// for a subscription, +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource +// group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - alertID - The name of the alert to get. +// - options - AlertsClientGetOptions contains the optional parameters for the AlertsClient.Get method. +func (client *AlertsClient) Get(ctx context.Context, scope string, alertID string, options *AlertsClientGetOptions) (AlertsClientGetResponse, error) { + var err error + const operationName = "AlertsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, alertID, options) + if err != nil { + return AlertsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return AlertsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *AlertsClient) getCreateRequest(ctx context.Context, scope string, alertID string, options *AlertsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *AlertsClient) getHandleResponse(resp *http.Response) (AlertsClientGetResponse, error) { + result := AlertsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.Alert); err != nil { + return AlertsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets alerts for a resource scope. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert. +// - options - AlertsClientListForScopeOptions contains the optional parameters for the AlertsClient.NewListForScopePager method. +func (client *AlertsClient) NewListForScopePager(scope string, options *AlertsClientListForScopeOptions) *runtime.Pager[AlertsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[AlertsClientListForScopeResponse]{ + More: func(page AlertsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *AlertsClientListForScopeResponse) (AlertsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "AlertsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return AlertsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *AlertsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *AlertsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *AlertsClient) listForScopeHandleResponse(resp *http.Response) (AlertsClientListForScopeResponse, error) { + result := AlertsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AlertListResult); err != nil { + return AlertsClientListForScopeResponse{}, err + } + return result, nil +} + +// BeginRefresh - Refresh an alert. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert. +// - alertID - The name of the alert to refresh. +// - options - AlertsClientBeginRefreshOptions contains the optional parameters for the AlertsClient.BeginRefresh method. +func (client *AlertsClient) BeginRefresh(ctx context.Context, scope string, alertID string, options *AlertsClientBeginRefreshOptions) (*runtime.Poller[AlertsClientRefreshResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.refresh(ctx, scope, alertID, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[AlertsClientRefreshResponse]{ + FinalStateVia: runtime.FinalStateViaLocation, + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[AlertsClientRefreshResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// Refresh - Refresh an alert. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +func (client *AlertsClient) refresh(ctx context.Context, scope string, alertID string, options *AlertsClientBeginRefreshOptions) (*http.Response, error) { + var err error + const operationName = "AlertsClient.BeginRefresh" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.refreshCreateRequest(ctx, scope, alertID, options) + if err != nil { + return nil, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return nil, err + } + if !runtime.HasStatusCode(httpResp, http.StatusAccepted) { + err = runtime.NewResponseError(httpResp) + return nil, err + } + return httpResp, nil +} + +// refreshCreateRequest creates the Refresh request. +func (client *AlertsClient) refreshCreateRequest(ctx context.Context, scope string, alertID string, options *AlertsClientBeginRefreshOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}/refresh" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// BeginRefreshAll - Refresh all alerts for a resource scope. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert. +// - options - AlertsClientBeginRefreshAllOptions contains the optional parameters for the AlertsClient.BeginRefreshAll method. +func (client *AlertsClient) BeginRefreshAll(ctx context.Context, scope string, options *AlertsClientBeginRefreshAllOptions) (*runtime.Poller[AlertsClientRefreshAllResponse], error) { + if options == nil || options.ResumeToken == "" { + resp, err := client.refreshAll(ctx, scope, options) + if err != nil { + return nil, err + } + poller, err := runtime.NewPoller(resp, client.internal.Pipeline(), &runtime.NewPollerOptions[AlertsClientRefreshAllResponse]{ + FinalStateVia: runtime.FinalStateViaLocation, + Tracer: client.internal.Tracer(), + }) + return poller, err + } else { + return runtime.NewPollerFromResumeToken(options.ResumeToken, client.internal.Pipeline(), &runtime.NewPollerFromResumeTokenOptions[AlertsClientRefreshAllResponse]{ + Tracer: client.internal.Tracer(), + }) + } +} + +// RefreshAll - Refresh all alerts for a resource scope. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +func (client *AlertsClient) refreshAll(ctx context.Context, scope string, options *AlertsClientBeginRefreshAllOptions) (*http.Response, error) { + var err error + const operationName = "AlertsClient.BeginRefreshAll" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.refreshAllCreateRequest(ctx, scope, options) + if err != nil { + return nil, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return nil, err + } + if !runtime.HasStatusCode(httpResp, http.StatusAccepted) { + err = runtime.NewResponseError(httpResp) + return nil, err + } + return httpResp, nil +} + +// refreshAllCreateRequest creates the RefreshAll request. +func (client *AlertsClient) refreshAllCreateRequest(ctx context.Context, scope string, options *AlertsClientBeginRefreshAllOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/refresh" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Update - Update an alert. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-08-01-preview +// - scope - The scope of the alert. +// - alertID - The name of the alert to dismiss. +// - parameters - Parameters for the alert. +// - options - AlertsClientUpdateOptions contains the optional parameters for the AlertsClient.Update method. +func (client *AlertsClient) Update(ctx context.Context, scope string, alertID string, parameters Alert, options *AlertsClientUpdateOptions) (AlertsClientUpdateResponse, error) { + var err error + const operationName = "AlertsClient.Update" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.updateCreateRequest(ctx, scope, alertID, parameters, options) + if err != nil { + return AlertsClientUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return AlertsClientUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return AlertsClientUpdateResponse{}, err + } + return AlertsClientUpdateResponse{}, nil +} + +// updateCreateRequest creates the Update request. +func (client *AlertsClient) updateCreateRequest(ctx context.Context, scope string, alertID string, parameters Alert, options *AlertsClientUpdateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementAlerts/{alertId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{alertId}", alertID) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-08-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/autorest.md b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/autorest.md new file mode 100644 index 00000000000..4ea6104696f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/autorest.md @@ -0,0 +1,13 @@ +### AutoRest Configuration + +> see https://aka.ms/autorest + +``` yaml +azure-arm: true +require: +- https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/readme.md +- https://github.com/Azure/azure-rest-api-specs/blob/310a0100f5b020c1900c527a6aa70d21992f078a/specification/authorization/resource-manager/readme.go.md +license-header: MICROSOFT_MIT_NO_VERSION +module-version: 3.0.0-beta.2 +tag: package-2022-05-01-preview +``` \ No newline at end of file diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/build.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/build.go new file mode 100644 index 00000000000..6d9616df823 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/build.go @@ -0,0 +1,7 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. + +// This file enables 'go generate' to regenerate this specific SDK +//go:generate pwsh ../../../../eng/scripts/build.ps1 -skipBuild -cleanGenerated -format -tidy -generate resourcemanager/authorization/armauthorization + +package armauthorization diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/ci.yml b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/ci.yml new file mode 100644 index 00000000000..af58b0f74b2 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/ci.yml @@ -0,0 +1,28 @@ +# NOTE: Please refer to https://aka.ms/azsdk/engsys/ci-yaml before editing this file. +trigger: + branches: + include: + - main + - feature/* + - hotfix/* + - release/* + paths: + include: + - sdk/resourcemanager/authorization/armauthorization/ + +pr: + branches: + include: + - main + - feature/* + - hotfix/* + - release/* + paths: + include: + - sdk/resourcemanager/authorization/armauthorization/ + +stages: +- template: /eng/pipelines/templates/jobs/archetype-sdk-client.yml + parameters: + IncludeRelease: true + ServiceDirectory: 'resourcemanager/authorization/armauthorization' diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/classicadministrators_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/classicadministrators_client.go new file mode 100644 index 00000000000..b10e91fa110 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/classicadministrators_client.go @@ -0,0 +1,99 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ClassicAdministratorsClient contains the methods for the ClassicAdministrators group. +// Don't use this type directly, use NewClassicAdministratorsClient() instead. +type ClassicAdministratorsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewClassicAdministratorsClient creates a new instance of ClassicAdministratorsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewClassicAdministratorsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ClassicAdministratorsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ClassicAdministratorsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListPager - Gets service administrator, account administrator, and co-administrators for the subscription. +// +// Generated from API version 2015-07-01 +// - options - ClassicAdministratorsClientListOptions contains the optional parameters for the ClassicAdministratorsClient.NewListPager +// method. +func (client *ClassicAdministratorsClient) NewListPager(options *ClassicAdministratorsClientListOptions) *runtime.Pager[ClassicAdministratorsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ClassicAdministratorsClientListResponse]{ + More: func(page ClassicAdministratorsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ClassicAdministratorsClientListResponse) (ClassicAdministratorsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ClassicAdministratorsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return ClassicAdministratorsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ClassicAdministratorsClient) listCreateRequest(ctx context.Context, options *ClassicAdministratorsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/classicAdministrators" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2015-07-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ClassicAdministratorsClient) listHandleResponse(resp *http.Response) (ClassicAdministratorsClientListResponse, error) { + result := ClassicAdministratorsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ClassicAdministratorListResult); err != nil { + return ClassicAdministratorsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/client_factory.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/client_factory.go new file mode 100644 index 00000000000..a0faabda32f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/client_factory.go @@ -0,0 +1,314 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" +) + +// ClientFactory is a client factory used to create any client in this module. +// Don't use this type directly, use NewClientFactory instead. +type ClientFactory struct { + subscriptionID string + credential azcore.TokenCredential + options *arm.ClientOptions +} + +// NewClientFactory creates a new instance of ClientFactory with the specified values. +// The parameter values will be propagated to any client created from this factory. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewClientFactory(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*ClientFactory, error) { + _, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + return &ClientFactory{ + subscriptionID: subscriptionID, credential: credential, + options: options.Clone(), + }, nil +} + +// NewAccessReviewDefaultSettingsClient creates a new instance of AccessReviewDefaultSettingsClient. +func (c *ClientFactory) NewAccessReviewDefaultSettingsClient() *AccessReviewDefaultSettingsClient { + subClient, _ := NewAccessReviewDefaultSettingsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewHistoryDefinitionClient creates a new instance of AccessReviewHistoryDefinitionClient. +func (c *ClientFactory) NewAccessReviewHistoryDefinitionClient() *AccessReviewHistoryDefinitionClient { + subClient, _ := NewAccessReviewHistoryDefinitionClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewHistoryDefinitionInstanceClient creates a new instance of AccessReviewHistoryDefinitionInstanceClient. +func (c *ClientFactory) NewAccessReviewHistoryDefinitionInstanceClient() *AccessReviewHistoryDefinitionInstanceClient { + subClient, _ := NewAccessReviewHistoryDefinitionInstanceClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewHistoryDefinitionInstancesClient creates a new instance of AccessReviewHistoryDefinitionInstancesClient. +func (c *ClientFactory) NewAccessReviewHistoryDefinitionInstancesClient() *AccessReviewHistoryDefinitionInstancesClient { + subClient, _ := NewAccessReviewHistoryDefinitionInstancesClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewHistoryDefinitionsClient creates a new instance of AccessReviewHistoryDefinitionsClient. +func (c *ClientFactory) NewAccessReviewHistoryDefinitionsClient() *AccessReviewHistoryDefinitionsClient { + subClient, _ := NewAccessReviewHistoryDefinitionsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewInstanceClient creates a new instance of AccessReviewInstanceClient. +func (c *ClientFactory) NewAccessReviewInstanceClient() *AccessReviewInstanceClient { + subClient, _ := NewAccessReviewInstanceClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewInstanceContactedReviewersClient creates a new instance of AccessReviewInstanceContactedReviewersClient. +func (c *ClientFactory) NewAccessReviewInstanceContactedReviewersClient() *AccessReviewInstanceContactedReviewersClient { + subClient, _ := NewAccessReviewInstanceContactedReviewersClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewInstanceDecisionsClient creates a new instance of AccessReviewInstanceDecisionsClient. +func (c *ClientFactory) NewAccessReviewInstanceDecisionsClient() *AccessReviewInstanceDecisionsClient { + subClient, _ := NewAccessReviewInstanceDecisionsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewInstanceMyDecisionsClient creates a new instance of AccessReviewInstanceMyDecisionsClient. +func (c *ClientFactory) NewAccessReviewInstanceMyDecisionsClient() *AccessReviewInstanceMyDecisionsClient { + subClient, _ := NewAccessReviewInstanceMyDecisionsClient(c.credential, c.options) + return subClient +} + +// NewAccessReviewInstancesAssignedForMyApprovalClient creates a new instance of AccessReviewInstancesAssignedForMyApprovalClient. +func (c *ClientFactory) NewAccessReviewInstancesAssignedForMyApprovalClient() *AccessReviewInstancesAssignedForMyApprovalClient { + subClient, _ := NewAccessReviewInstancesAssignedForMyApprovalClient(c.credential, c.options) + return subClient +} + +// NewAccessReviewInstancesClient creates a new instance of AccessReviewInstancesClient. +func (c *ClientFactory) NewAccessReviewInstancesClient() *AccessReviewInstancesClient { + subClient, _ := NewAccessReviewInstancesClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient creates a new instance of AccessReviewScheduleDefinitionsAssignedForMyApprovalClient. +func (c *ClientFactory) NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient() *AccessReviewScheduleDefinitionsAssignedForMyApprovalClient { + subClient, _ := NewAccessReviewScheduleDefinitionsAssignedForMyApprovalClient(c.credential, c.options) + return subClient +} + +// NewAccessReviewScheduleDefinitionsClient creates a new instance of AccessReviewScheduleDefinitionsClient. +func (c *ClientFactory) NewAccessReviewScheduleDefinitionsClient() *AccessReviewScheduleDefinitionsClient { + subClient, _ := NewAccessReviewScheduleDefinitionsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewAlertConfigurationsClient creates a new instance of AlertConfigurationsClient. +func (c *ClientFactory) NewAlertConfigurationsClient() *AlertConfigurationsClient { + subClient, _ := NewAlertConfigurationsClient(c.credential, c.options) + return subClient +} + +// NewAlertDefinitionsClient creates a new instance of AlertDefinitionsClient. +func (c *ClientFactory) NewAlertDefinitionsClient() *AlertDefinitionsClient { + subClient, _ := NewAlertDefinitionsClient(c.credential, c.options) + return subClient +} + +// NewAlertIncidentsClient creates a new instance of AlertIncidentsClient. +func (c *ClientFactory) NewAlertIncidentsClient() *AlertIncidentsClient { + subClient, _ := NewAlertIncidentsClient(c.credential, c.options) + return subClient +} + +// NewAlertOperationClient creates a new instance of AlertOperationClient. +func (c *ClientFactory) NewAlertOperationClient() *AlertOperationClient { + subClient, _ := NewAlertOperationClient(c.credential, c.options) + return subClient +} + +// NewAlertsClient creates a new instance of AlertsClient. +func (c *ClientFactory) NewAlertsClient() *AlertsClient { + subClient, _ := NewAlertsClient(c.credential, c.options) + return subClient +} + +// NewClassicAdministratorsClient creates a new instance of ClassicAdministratorsClient. +func (c *ClientFactory) NewClassicAdministratorsClient() *ClassicAdministratorsClient { + subClient, _ := NewClassicAdministratorsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewDenyAssignmentsClient creates a new instance of DenyAssignmentsClient. +func (c *ClientFactory) NewDenyAssignmentsClient() *DenyAssignmentsClient { + subClient, _ := NewDenyAssignmentsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewEligibleChildResourcesClient creates a new instance of EligibleChildResourcesClient. +func (c *ClientFactory) NewEligibleChildResourcesClient() *EligibleChildResourcesClient { + subClient, _ := NewEligibleChildResourcesClient(c.credential, c.options) + return subClient +} + +// NewGlobalAdministratorClient creates a new instance of GlobalAdministratorClient. +func (c *ClientFactory) NewGlobalAdministratorClient() *GlobalAdministratorClient { + subClient, _ := NewGlobalAdministratorClient(c.credential, c.options) + return subClient +} + +// NewOperationsClient creates a new instance of OperationsClient. +func (c *ClientFactory) NewOperationsClient() *OperationsClient { + subClient, _ := NewOperationsClient(c.credential, c.options) + return subClient +} + +// NewPermissionsClient creates a new instance of PermissionsClient. +func (c *ClientFactory) NewPermissionsClient() *PermissionsClient { + subClient, _ := NewPermissionsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewProviderOperationsMetadataClient creates a new instance of ProviderOperationsMetadataClient. +func (c *ClientFactory) NewProviderOperationsMetadataClient() *ProviderOperationsMetadataClient { + subClient, _ := NewProviderOperationsMetadataClient(c.credential, c.options) + return subClient +} + +// NewRoleAssignmentScheduleInstancesClient creates a new instance of RoleAssignmentScheduleInstancesClient. +func (c *ClientFactory) NewRoleAssignmentScheduleInstancesClient() *RoleAssignmentScheduleInstancesClient { + subClient, _ := NewRoleAssignmentScheduleInstancesClient(c.credential, c.options) + return subClient +} + +// NewRoleAssignmentScheduleRequestsClient creates a new instance of RoleAssignmentScheduleRequestsClient. +func (c *ClientFactory) NewRoleAssignmentScheduleRequestsClient() *RoleAssignmentScheduleRequestsClient { + subClient, _ := NewRoleAssignmentScheduleRequestsClient(c.credential, c.options) + return subClient +} + +// NewRoleAssignmentSchedulesClient creates a new instance of RoleAssignmentSchedulesClient. +func (c *ClientFactory) NewRoleAssignmentSchedulesClient() *RoleAssignmentSchedulesClient { + subClient, _ := NewRoleAssignmentSchedulesClient(c.credential, c.options) + return subClient +} + +// NewRoleAssignmentsClient creates a new instance of RoleAssignmentsClient. +func (c *ClientFactory) NewRoleAssignmentsClient() *RoleAssignmentsClient { + subClient, _ := NewRoleAssignmentsClient(c.subscriptionID, c.credential, c.options) + return subClient +} + +// NewRoleDefinitionsClient creates a new instance of RoleDefinitionsClient. +func (c *ClientFactory) NewRoleDefinitionsClient() *RoleDefinitionsClient { + subClient, _ := NewRoleDefinitionsClient(c.credential, c.options) + return subClient +} + +// NewRoleEligibilityScheduleInstancesClient creates a new instance of RoleEligibilityScheduleInstancesClient. +func (c *ClientFactory) NewRoleEligibilityScheduleInstancesClient() *RoleEligibilityScheduleInstancesClient { + subClient, _ := NewRoleEligibilityScheduleInstancesClient(c.credential, c.options) + return subClient +} + +// NewRoleEligibilityScheduleRequestsClient creates a new instance of RoleEligibilityScheduleRequestsClient. +func (c *ClientFactory) NewRoleEligibilityScheduleRequestsClient() *RoleEligibilityScheduleRequestsClient { + subClient, _ := NewRoleEligibilityScheduleRequestsClient(c.credential, c.options) + return subClient +} + +// NewRoleEligibilitySchedulesClient creates a new instance of RoleEligibilitySchedulesClient. +func (c *ClientFactory) NewRoleEligibilitySchedulesClient() *RoleEligibilitySchedulesClient { + subClient, _ := NewRoleEligibilitySchedulesClient(c.credential, c.options) + return subClient +} + +// NewRoleManagementPoliciesClient creates a new instance of RoleManagementPoliciesClient. +func (c *ClientFactory) NewRoleManagementPoliciesClient() *RoleManagementPoliciesClient { + subClient, _ := NewRoleManagementPoliciesClient(c.credential, c.options) + return subClient +} + +// NewRoleManagementPolicyAssignmentsClient creates a new instance of RoleManagementPolicyAssignmentsClient. +func (c *ClientFactory) NewRoleManagementPolicyAssignmentsClient() *RoleManagementPolicyAssignmentsClient { + subClient, _ := NewRoleManagementPolicyAssignmentsClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewDefaultSettingsClient creates a new instance of ScopeAccessReviewDefaultSettingsClient. +func (c *ClientFactory) NewScopeAccessReviewDefaultSettingsClient() *ScopeAccessReviewDefaultSettingsClient { + subClient, _ := NewScopeAccessReviewDefaultSettingsClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewHistoryDefinitionClient creates a new instance of ScopeAccessReviewHistoryDefinitionClient. +func (c *ClientFactory) NewScopeAccessReviewHistoryDefinitionClient() *ScopeAccessReviewHistoryDefinitionClient { + subClient, _ := NewScopeAccessReviewHistoryDefinitionClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewHistoryDefinitionInstanceClient creates a new instance of ScopeAccessReviewHistoryDefinitionInstanceClient. +func (c *ClientFactory) NewScopeAccessReviewHistoryDefinitionInstanceClient() *ScopeAccessReviewHistoryDefinitionInstanceClient { + subClient, _ := NewScopeAccessReviewHistoryDefinitionInstanceClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewHistoryDefinitionInstancesClient creates a new instance of ScopeAccessReviewHistoryDefinitionInstancesClient. +func (c *ClientFactory) NewScopeAccessReviewHistoryDefinitionInstancesClient() *ScopeAccessReviewHistoryDefinitionInstancesClient { + subClient, _ := NewScopeAccessReviewHistoryDefinitionInstancesClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewHistoryDefinitionsClient creates a new instance of ScopeAccessReviewHistoryDefinitionsClient. +func (c *ClientFactory) NewScopeAccessReviewHistoryDefinitionsClient() *ScopeAccessReviewHistoryDefinitionsClient { + subClient, _ := NewScopeAccessReviewHistoryDefinitionsClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewInstanceClient creates a new instance of ScopeAccessReviewInstanceClient. +func (c *ClientFactory) NewScopeAccessReviewInstanceClient() *ScopeAccessReviewInstanceClient { + subClient, _ := NewScopeAccessReviewInstanceClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewInstanceContactedReviewersClient creates a new instance of ScopeAccessReviewInstanceContactedReviewersClient. +func (c *ClientFactory) NewScopeAccessReviewInstanceContactedReviewersClient() *ScopeAccessReviewInstanceContactedReviewersClient { + subClient, _ := NewScopeAccessReviewInstanceContactedReviewersClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewInstanceDecisionsClient creates a new instance of ScopeAccessReviewInstanceDecisionsClient. +func (c *ClientFactory) NewScopeAccessReviewInstanceDecisionsClient() *ScopeAccessReviewInstanceDecisionsClient { + subClient, _ := NewScopeAccessReviewInstanceDecisionsClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewInstancesClient creates a new instance of ScopeAccessReviewInstancesClient. +func (c *ClientFactory) NewScopeAccessReviewInstancesClient() *ScopeAccessReviewInstancesClient { + subClient, _ := NewScopeAccessReviewInstancesClient(c.credential, c.options) + return subClient +} + +// NewScopeAccessReviewScheduleDefinitionsClient creates a new instance of ScopeAccessReviewScheduleDefinitionsClient. +func (c *ClientFactory) NewScopeAccessReviewScheduleDefinitionsClient() *ScopeAccessReviewScheduleDefinitionsClient { + subClient, _ := NewScopeAccessReviewScheduleDefinitionsClient(c.credential, c.options) + return subClient +} + +// NewTenantLevelAccessReviewInstanceContactedReviewersClient creates a new instance of TenantLevelAccessReviewInstanceContactedReviewersClient. +func (c *ClientFactory) NewTenantLevelAccessReviewInstanceContactedReviewersClient() *TenantLevelAccessReviewInstanceContactedReviewersClient { + subClient, _ := NewTenantLevelAccessReviewInstanceContactedReviewersClient(c.credential, c.options) + return subClient +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/constants.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/constants.go new file mode 100644 index 00000000000..68b4bfaeaa3 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/constants.go @@ -0,0 +1,708 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +const ( + moduleName = "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization" + moduleVersion = "v3.0.0-beta.2" +) + +// AccessRecommendationType - The feature- generated recommendation shown to the reviewer. +type AccessRecommendationType string + +const ( + AccessRecommendationTypeApprove AccessRecommendationType = "Approve" + AccessRecommendationTypeDeny AccessRecommendationType = "Deny" + AccessRecommendationTypeNoInfoAvailable AccessRecommendationType = "NoInfoAvailable" +) + +// PossibleAccessRecommendationTypeValues returns the possible values for the AccessRecommendationType const type. +func PossibleAccessRecommendationTypeValues() []AccessRecommendationType { + return []AccessRecommendationType{ + AccessRecommendationTypeApprove, + AccessRecommendationTypeDeny, + AccessRecommendationTypeNoInfoAvailable, + } +} + +// AccessReviewActorIdentityType - The identity type : user/servicePrincipal +type AccessReviewActorIdentityType string + +const ( + AccessReviewActorIdentityTypeServicePrincipal AccessReviewActorIdentityType = "servicePrincipal" + AccessReviewActorIdentityTypeUser AccessReviewActorIdentityType = "user" +) + +// PossibleAccessReviewActorIdentityTypeValues returns the possible values for the AccessReviewActorIdentityType const type. +func PossibleAccessReviewActorIdentityTypeValues() []AccessReviewActorIdentityType { + return []AccessReviewActorIdentityType{ + AccessReviewActorIdentityTypeServicePrincipal, + AccessReviewActorIdentityTypeUser, + } +} + +// AccessReviewApplyResult - The outcome of applying the decision. +type AccessReviewApplyResult string + +const ( + AccessReviewApplyResultAppliedSuccessfully AccessReviewApplyResult = "AppliedSuccessfully" + AccessReviewApplyResultAppliedSuccessfullyButObjectNotFound AccessReviewApplyResult = "AppliedSuccessfullyButObjectNotFound" + AccessReviewApplyResultAppliedWithUnknownFailure AccessReviewApplyResult = "AppliedWithUnknownFailure" + AccessReviewApplyResultApplyNotSupported AccessReviewApplyResult = "ApplyNotSupported" + AccessReviewApplyResultApplying AccessReviewApplyResult = "Applying" + AccessReviewApplyResultNew AccessReviewApplyResult = "New" +) + +// PossibleAccessReviewApplyResultValues returns the possible values for the AccessReviewApplyResult const type. +func PossibleAccessReviewApplyResultValues() []AccessReviewApplyResult { + return []AccessReviewApplyResult{ + AccessReviewApplyResultAppliedSuccessfully, + AccessReviewApplyResultAppliedSuccessfullyButObjectNotFound, + AccessReviewApplyResultAppliedWithUnknownFailure, + AccessReviewApplyResultApplyNotSupported, + AccessReviewApplyResultApplying, + AccessReviewApplyResultNew, + } +} + +// AccessReviewDecisionInsightType - The type of insight +type AccessReviewDecisionInsightType string + +const ( + AccessReviewDecisionInsightTypeUserSignInInsight AccessReviewDecisionInsightType = "userSignInInsight" +) + +// PossibleAccessReviewDecisionInsightTypeValues returns the possible values for the AccessReviewDecisionInsightType const type. +func PossibleAccessReviewDecisionInsightTypeValues() []AccessReviewDecisionInsightType { + return []AccessReviewDecisionInsightType{ + AccessReviewDecisionInsightTypeUserSignInInsight, + } +} + +type AccessReviewDecisionPrincipalResourceMembershipType string + +const ( + AccessReviewDecisionPrincipalResourceMembershipTypeDirect AccessReviewDecisionPrincipalResourceMembershipType = "direct" + AccessReviewDecisionPrincipalResourceMembershipTypeIndirect AccessReviewDecisionPrincipalResourceMembershipType = "indirect" +) + +// PossibleAccessReviewDecisionPrincipalResourceMembershipTypeValues returns the possible values for the AccessReviewDecisionPrincipalResourceMembershipType const type. +func PossibleAccessReviewDecisionPrincipalResourceMembershipTypeValues() []AccessReviewDecisionPrincipalResourceMembershipType { + return []AccessReviewDecisionPrincipalResourceMembershipType{ + AccessReviewDecisionPrincipalResourceMembershipTypeDirect, + AccessReviewDecisionPrincipalResourceMembershipTypeIndirect, + } +} + +// AccessReviewHistoryDefinitionStatus - This read-only field specifies the of the requested review history data. This is +// either requested, in-progress, done or error. +type AccessReviewHistoryDefinitionStatus string + +const ( + AccessReviewHistoryDefinitionStatusDone AccessReviewHistoryDefinitionStatus = "Done" + AccessReviewHistoryDefinitionStatusError AccessReviewHistoryDefinitionStatus = "Error" + AccessReviewHistoryDefinitionStatusInProgress AccessReviewHistoryDefinitionStatus = "InProgress" + AccessReviewHistoryDefinitionStatusRequested AccessReviewHistoryDefinitionStatus = "Requested" +) + +// PossibleAccessReviewHistoryDefinitionStatusValues returns the possible values for the AccessReviewHistoryDefinitionStatus const type. +func PossibleAccessReviewHistoryDefinitionStatusValues() []AccessReviewHistoryDefinitionStatus { + return []AccessReviewHistoryDefinitionStatus{ + AccessReviewHistoryDefinitionStatusDone, + AccessReviewHistoryDefinitionStatusError, + AccessReviewHistoryDefinitionStatusInProgress, + AccessReviewHistoryDefinitionStatusRequested, + } +} + +// AccessReviewInstanceReviewersType - This field specifies the type of reviewers for a review. Usually for a review, reviewers +// are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen +// dynamically. For example managers review or self review. +type AccessReviewInstanceReviewersType string + +const ( + AccessReviewInstanceReviewersTypeAssigned AccessReviewInstanceReviewersType = "Assigned" + AccessReviewInstanceReviewersTypeManagers AccessReviewInstanceReviewersType = "Managers" + AccessReviewInstanceReviewersTypeSelf AccessReviewInstanceReviewersType = "Self" +) + +// PossibleAccessReviewInstanceReviewersTypeValues returns the possible values for the AccessReviewInstanceReviewersType const type. +func PossibleAccessReviewInstanceReviewersTypeValues() []AccessReviewInstanceReviewersType { + return []AccessReviewInstanceReviewersType{ + AccessReviewInstanceReviewersTypeAssigned, + AccessReviewInstanceReviewersTypeManagers, + AccessReviewInstanceReviewersTypeSelf, + } +} + +// AccessReviewInstanceStatus - This read-only field specifies the status of an access review instance. +type AccessReviewInstanceStatus string + +const ( + AccessReviewInstanceStatusApplied AccessReviewInstanceStatus = "Applied" + AccessReviewInstanceStatusApplying AccessReviewInstanceStatus = "Applying" + AccessReviewInstanceStatusAutoReviewed AccessReviewInstanceStatus = "AutoReviewed" + AccessReviewInstanceStatusAutoReviewing AccessReviewInstanceStatus = "AutoReviewing" + AccessReviewInstanceStatusCompleted AccessReviewInstanceStatus = "Completed" + AccessReviewInstanceStatusCompleting AccessReviewInstanceStatus = "Completing" + AccessReviewInstanceStatusInProgress AccessReviewInstanceStatus = "InProgress" + AccessReviewInstanceStatusInitializing AccessReviewInstanceStatus = "Initializing" + AccessReviewInstanceStatusNotStarted AccessReviewInstanceStatus = "NotStarted" + AccessReviewInstanceStatusScheduled AccessReviewInstanceStatus = "Scheduled" + AccessReviewInstanceStatusStarting AccessReviewInstanceStatus = "Starting" +) + +// PossibleAccessReviewInstanceStatusValues returns the possible values for the AccessReviewInstanceStatus const type. +func PossibleAccessReviewInstanceStatusValues() []AccessReviewInstanceStatus { + return []AccessReviewInstanceStatus{ + AccessReviewInstanceStatusApplied, + AccessReviewInstanceStatusApplying, + AccessReviewInstanceStatusAutoReviewed, + AccessReviewInstanceStatusAutoReviewing, + AccessReviewInstanceStatusCompleted, + AccessReviewInstanceStatusCompleting, + AccessReviewInstanceStatusInProgress, + AccessReviewInstanceStatusInitializing, + AccessReviewInstanceStatusNotStarted, + AccessReviewInstanceStatusScheduled, + AccessReviewInstanceStatusStarting, + } +} + +// AccessReviewRecurrencePatternType - The recurrence type : weekly, monthly, etc. +type AccessReviewRecurrencePatternType string + +const ( + AccessReviewRecurrencePatternTypeAbsoluteMonthly AccessReviewRecurrencePatternType = "absoluteMonthly" + AccessReviewRecurrencePatternTypeWeekly AccessReviewRecurrencePatternType = "weekly" +) + +// PossibleAccessReviewRecurrencePatternTypeValues returns the possible values for the AccessReviewRecurrencePatternType const type. +func PossibleAccessReviewRecurrencePatternTypeValues() []AccessReviewRecurrencePatternType { + return []AccessReviewRecurrencePatternType{ + AccessReviewRecurrencePatternTypeAbsoluteMonthly, + AccessReviewRecurrencePatternTypeWeekly, + } +} + +// AccessReviewRecurrenceRangeType - The recurrence range type. The possible values are: endDate, noEnd, numbered. +type AccessReviewRecurrenceRangeType string + +const ( + AccessReviewRecurrenceRangeTypeEndDate AccessReviewRecurrenceRangeType = "endDate" + AccessReviewRecurrenceRangeTypeNoEnd AccessReviewRecurrenceRangeType = "noEnd" + AccessReviewRecurrenceRangeTypeNumbered AccessReviewRecurrenceRangeType = "numbered" +) + +// PossibleAccessReviewRecurrenceRangeTypeValues returns the possible values for the AccessReviewRecurrenceRangeType const type. +func PossibleAccessReviewRecurrenceRangeTypeValues() []AccessReviewRecurrenceRangeType { + return []AccessReviewRecurrenceRangeType{ + AccessReviewRecurrenceRangeTypeEndDate, + AccessReviewRecurrenceRangeTypeNoEnd, + AccessReviewRecurrenceRangeTypeNumbered, + } +} + +// AccessReviewResult - Represents a reviewer's decision for a given review +type AccessReviewResult string + +const ( + AccessReviewResultApprove AccessReviewResult = "Approve" + AccessReviewResultDeny AccessReviewResult = "Deny" + AccessReviewResultDontKnow AccessReviewResult = "DontKnow" + AccessReviewResultNotNotified AccessReviewResult = "NotNotified" + AccessReviewResultNotReviewed AccessReviewResult = "NotReviewed" +) + +// PossibleAccessReviewResultValues returns the possible values for the AccessReviewResult const type. +func PossibleAccessReviewResultValues() []AccessReviewResult { + return []AccessReviewResult{ + AccessReviewResultApprove, + AccessReviewResultDeny, + AccessReviewResultDontKnow, + AccessReviewResultNotNotified, + AccessReviewResultNotReviewed, + } +} + +// AccessReviewReviewerType - The identity type : user/servicePrincipal +type AccessReviewReviewerType string + +const ( + AccessReviewReviewerTypeServicePrincipal AccessReviewReviewerType = "servicePrincipal" + AccessReviewReviewerTypeUser AccessReviewReviewerType = "user" +) + +// PossibleAccessReviewReviewerTypeValues returns the possible values for the AccessReviewReviewerType const type. +func PossibleAccessReviewReviewerTypeValues() []AccessReviewReviewerType { + return []AccessReviewReviewerType{ + AccessReviewReviewerTypeServicePrincipal, + AccessReviewReviewerTypeUser, + } +} + +// AccessReviewScheduleDefinitionReviewersType - This field specifies the type of reviewers for a review. Usually for a review, +// reviewers are explicitly assigned. However, in some cases, the reviewers may not be assigned and instead be chosen +// dynamically. For example managers review or self review. +type AccessReviewScheduleDefinitionReviewersType string + +const ( + AccessReviewScheduleDefinitionReviewersTypeAssigned AccessReviewScheduleDefinitionReviewersType = "Assigned" + AccessReviewScheduleDefinitionReviewersTypeManagers AccessReviewScheduleDefinitionReviewersType = "Managers" + AccessReviewScheduleDefinitionReviewersTypeSelf AccessReviewScheduleDefinitionReviewersType = "Self" +) + +// PossibleAccessReviewScheduleDefinitionReviewersTypeValues returns the possible values for the AccessReviewScheduleDefinitionReviewersType const type. +func PossibleAccessReviewScheduleDefinitionReviewersTypeValues() []AccessReviewScheduleDefinitionReviewersType { + return []AccessReviewScheduleDefinitionReviewersType{ + AccessReviewScheduleDefinitionReviewersTypeAssigned, + AccessReviewScheduleDefinitionReviewersTypeManagers, + AccessReviewScheduleDefinitionReviewersTypeSelf, + } +} + +// AccessReviewScheduleDefinitionStatus - This read-only field specifies the status of an accessReview. +type AccessReviewScheduleDefinitionStatus string + +const ( + AccessReviewScheduleDefinitionStatusApplied AccessReviewScheduleDefinitionStatus = "Applied" + AccessReviewScheduleDefinitionStatusApplying AccessReviewScheduleDefinitionStatus = "Applying" + AccessReviewScheduleDefinitionStatusAutoReviewed AccessReviewScheduleDefinitionStatus = "AutoReviewed" + AccessReviewScheduleDefinitionStatusAutoReviewing AccessReviewScheduleDefinitionStatus = "AutoReviewing" + AccessReviewScheduleDefinitionStatusCompleted AccessReviewScheduleDefinitionStatus = "Completed" + AccessReviewScheduleDefinitionStatusCompleting AccessReviewScheduleDefinitionStatus = "Completing" + AccessReviewScheduleDefinitionStatusInProgress AccessReviewScheduleDefinitionStatus = "InProgress" + AccessReviewScheduleDefinitionStatusInitializing AccessReviewScheduleDefinitionStatus = "Initializing" + AccessReviewScheduleDefinitionStatusNotStarted AccessReviewScheduleDefinitionStatus = "NotStarted" + AccessReviewScheduleDefinitionStatusScheduled AccessReviewScheduleDefinitionStatus = "Scheduled" + AccessReviewScheduleDefinitionStatusStarting AccessReviewScheduleDefinitionStatus = "Starting" +) + +// PossibleAccessReviewScheduleDefinitionStatusValues returns the possible values for the AccessReviewScheduleDefinitionStatus const type. +func PossibleAccessReviewScheduleDefinitionStatusValues() []AccessReviewScheduleDefinitionStatus { + return []AccessReviewScheduleDefinitionStatus{ + AccessReviewScheduleDefinitionStatusApplied, + AccessReviewScheduleDefinitionStatusApplying, + AccessReviewScheduleDefinitionStatusAutoReviewed, + AccessReviewScheduleDefinitionStatusAutoReviewing, + AccessReviewScheduleDefinitionStatusCompleted, + AccessReviewScheduleDefinitionStatusCompleting, + AccessReviewScheduleDefinitionStatusInProgress, + AccessReviewScheduleDefinitionStatusInitializing, + AccessReviewScheduleDefinitionStatusNotStarted, + AccessReviewScheduleDefinitionStatusScheduled, + AccessReviewScheduleDefinitionStatusStarting, + } +} + +// AccessReviewScopeAssignmentState - The role assignment state eligible/active to review +type AccessReviewScopeAssignmentState string + +const ( + AccessReviewScopeAssignmentStateActive AccessReviewScopeAssignmentState = "active" + AccessReviewScopeAssignmentStateEligible AccessReviewScopeAssignmentState = "eligible" +) + +// PossibleAccessReviewScopeAssignmentStateValues returns the possible values for the AccessReviewScopeAssignmentState const type. +func PossibleAccessReviewScopeAssignmentStateValues() []AccessReviewScopeAssignmentState { + return []AccessReviewScopeAssignmentState{ + AccessReviewScopeAssignmentStateActive, + AccessReviewScopeAssignmentStateEligible, + } +} + +// AccessReviewScopePrincipalType - The identity type user/servicePrincipal to review +type AccessReviewScopePrincipalType string + +const ( + AccessReviewScopePrincipalTypeGuestUser AccessReviewScopePrincipalType = "guestUser" + AccessReviewScopePrincipalTypeRedeemedGuestUser AccessReviewScopePrincipalType = "redeemedGuestUser" + AccessReviewScopePrincipalTypeServicePrincipal AccessReviewScopePrincipalType = "servicePrincipal" + AccessReviewScopePrincipalTypeUser AccessReviewScopePrincipalType = "user" + AccessReviewScopePrincipalTypeUserGroup AccessReviewScopePrincipalType = "user,group" +) + +// PossibleAccessReviewScopePrincipalTypeValues returns the possible values for the AccessReviewScopePrincipalType const type. +func PossibleAccessReviewScopePrincipalTypeValues() []AccessReviewScopePrincipalType { + return []AccessReviewScopePrincipalType{ + AccessReviewScopePrincipalTypeGuestUser, + AccessReviewScopePrincipalTypeRedeemedGuestUser, + AccessReviewScopePrincipalTypeServicePrincipal, + AccessReviewScopePrincipalTypeUser, + AccessReviewScopePrincipalTypeUserGroup, + } +} + +// ApprovalMode - The type of rule +type ApprovalMode string + +const ( + ApprovalModeNoApproval ApprovalMode = "NoApproval" + ApprovalModeParallel ApprovalMode = "Parallel" + ApprovalModeSerial ApprovalMode = "Serial" + ApprovalModeSingleStage ApprovalMode = "SingleStage" +) + +// PossibleApprovalModeValues returns the possible values for the ApprovalMode const type. +func PossibleApprovalModeValues() []ApprovalMode { + return []ApprovalMode{ + ApprovalModeNoApproval, + ApprovalModeParallel, + ApprovalModeSerial, + ApprovalModeSingleStage, + } +} + +// AssignmentType - Assignment type of the role assignment schedule +type AssignmentType string + +const ( + AssignmentTypeActivated AssignmentType = "Activated" + AssignmentTypeAssigned AssignmentType = "Assigned" +) + +// PossibleAssignmentTypeValues returns the possible values for the AssignmentType const type. +func PossibleAssignmentTypeValues() []AssignmentType { + return []AssignmentType{ + AssignmentTypeActivated, + AssignmentTypeAssigned, + } +} + +// DecisionResourceType - The type of resource +type DecisionResourceType string + +const ( + DecisionResourceTypeAzureRole DecisionResourceType = "azureRole" +) + +// PossibleDecisionResourceTypeValues returns the possible values for the DecisionResourceType const type. +func PossibleDecisionResourceTypeValues() []DecisionResourceType { + return []DecisionResourceType{ + DecisionResourceTypeAzureRole, + } +} + +// DecisionTargetType - The type of decision target : User/ServicePrincipal +type DecisionTargetType string + +const ( + DecisionTargetTypeServicePrincipal DecisionTargetType = "servicePrincipal" + DecisionTargetTypeUser DecisionTargetType = "user" +) + +// PossibleDecisionTargetTypeValues returns the possible values for the DecisionTargetType const type. +func PossibleDecisionTargetTypeValues() []DecisionTargetType { + return []DecisionTargetType{ + DecisionTargetTypeServicePrincipal, + DecisionTargetTypeUser, + } +} + +// DefaultDecisionType - This specifies the behavior for the autoReview feature when an access review completes. +type DefaultDecisionType string + +const ( + DefaultDecisionTypeApprove DefaultDecisionType = "Approve" + DefaultDecisionTypeDeny DefaultDecisionType = "Deny" + DefaultDecisionTypeRecommendation DefaultDecisionType = "Recommendation" +) + +// PossibleDefaultDecisionTypeValues returns the possible values for the DefaultDecisionType const type. +func PossibleDefaultDecisionTypeValues() []DefaultDecisionType { + return []DefaultDecisionType{ + DefaultDecisionTypeApprove, + DefaultDecisionTypeDeny, + DefaultDecisionTypeRecommendation, + } +} + +// EnablementRules - The type of enablement rule +type EnablementRules string + +const ( + EnablementRulesJustification EnablementRules = "Justification" + EnablementRulesMultiFactorAuthentication EnablementRules = "MultiFactorAuthentication" + EnablementRulesTicketing EnablementRules = "Ticketing" +) + +// PossibleEnablementRulesValues returns the possible values for the EnablementRules const type. +func PossibleEnablementRulesValues() []EnablementRules { + return []EnablementRules{ + EnablementRulesJustification, + EnablementRulesMultiFactorAuthentication, + EnablementRulesTicketing, + } +} + +// MemberType - Membership type of the role assignment schedule +type MemberType string + +const ( + MemberTypeDirect MemberType = "Direct" + MemberTypeGroup MemberType = "Group" + MemberTypeInherited MemberType = "Inherited" +) + +// PossibleMemberTypeValues returns the possible values for the MemberType const type. +func PossibleMemberTypeValues() []MemberType { + return []MemberType{ + MemberTypeDirect, + MemberTypeGroup, + MemberTypeInherited, + } +} + +// NotificationDeliveryMechanism - The type of notification. +type NotificationDeliveryMechanism string + +const ( + NotificationDeliveryMechanismEmail NotificationDeliveryMechanism = "Email" +) + +// PossibleNotificationDeliveryMechanismValues returns the possible values for the NotificationDeliveryMechanism const type. +func PossibleNotificationDeliveryMechanismValues() []NotificationDeliveryMechanism { + return []NotificationDeliveryMechanism{ + NotificationDeliveryMechanismEmail, + } +} + +// NotificationLevel - The notification level. +type NotificationLevel string + +const ( + NotificationLevelAll NotificationLevel = "All" + NotificationLevelCritical NotificationLevel = "Critical" + NotificationLevelNone NotificationLevel = "None" +) + +// PossibleNotificationLevelValues returns the possible values for the NotificationLevel const type. +func PossibleNotificationLevelValues() []NotificationLevel { + return []NotificationLevel{ + NotificationLevelAll, + NotificationLevelCritical, + NotificationLevelNone, + } +} + +// PrincipalType - The principal type of the assigned principal ID. +type PrincipalType string + +const ( + PrincipalTypeDevice PrincipalType = "Device" + PrincipalTypeForeignGroup PrincipalType = "ForeignGroup" + PrincipalTypeGroup PrincipalType = "Group" + PrincipalTypeServicePrincipal PrincipalType = "ServicePrincipal" + PrincipalTypeUser PrincipalType = "User" +) + +// PossiblePrincipalTypeValues returns the possible values for the PrincipalType const type. +func PossiblePrincipalTypeValues() []PrincipalType { + return []PrincipalType{ + PrincipalTypeDevice, + PrincipalTypeForeignGroup, + PrincipalTypeGroup, + PrincipalTypeServicePrincipal, + PrincipalTypeUser, + } +} + +// RecipientType - The recipient type. +type RecipientType string + +const ( + RecipientTypeAdmin RecipientType = "Admin" + RecipientTypeApprover RecipientType = "Approver" + RecipientTypeRequestor RecipientType = "Requestor" +) + +// PossibleRecipientTypeValues returns the possible values for the RecipientType const type. +func PossibleRecipientTypeValues() []RecipientType { + return []RecipientType{ + RecipientTypeAdmin, + RecipientTypeApprover, + RecipientTypeRequestor, + } +} + +// RecordAllDecisionsResult - The decision to make. Approvers can take action of Approve/Deny +type RecordAllDecisionsResult string + +const ( + RecordAllDecisionsResultApprove RecordAllDecisionsResult = "Approve" + RecordAllDecisionsResultDeny RecordAllDecisionsResult = "Deny" +) + +// PossibleRecordAllDecisionsResultValues returns the possible values for the RecordAllDecisionsResult const type. +func PossibleRecordAllDecisionsResultValues() []RecordAllDecisionsResult { + return []RecordAllDecisionsResult{ + RecordAllDecisionsResultApprove, + RecordAllDecisionsResultDeny, + } +} + +// RequestType - The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc +type RequestType string + +const ( + RequestTypeAdminAssign RequestType = "AdminAssign" + RequestTypeAdminExtend RequestType = "AdminExtend" + RequestTypeAdminRemove RequestType = "AdminRemove" + RequestTypeAdminRenew RequestType = "AdminRenew" + RequestTypeAdminUpdate RequestType = "AdminUpdate" + RequestTypeSelfActivate RequestType = "SelfActivate" + RequestTypeSelfDeactivate RequestType = "SelfDeactivate" + RequestTypeSelfExtend RequestType = "SelfExtend" + RequestTypeSelfRenew RequestType = "SelfRenew" +) + +// PossibleRequestTypeValues returns the possible values for the RequestType const type. +func PossibleRequestTypeValues() []RequestType { + return []RequestType{ + RequestTypeAdminAssign, + RequestTypeAdminExtend, + RequestTypeAdminRemove, + RequestTypeAdminRenew, + RequestTypeAdminUpdate, + RequestTypeSelfActivate, + RequestTypeSelfDeactivate, + RequestTypeSelfExtend, + RequestTypeSelfRenew, + } +} + +// RoleManagementPolicyRuleType - The type of rule +type RoleManagementPolicyRuleType string + +const ( + RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule RoleManagementPolicyRuleType = "RoleManagementPolicyApprovalRule" + RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule RoleManagementPolicyRuleType = "RoleManagementPolicyAuthenticationContextRule" + RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule RoleManagementPolicyRuleType = "RoleManagementPolicyEnablementRule" + RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule RoleManagementPolicyRuleType = "RoleManagementPolicyExpirationRule" + RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule RoleManagementPolicyRuleType = "RoleManagementPolicyNotificationRule" +) + +// PossibleRoleManagementPolicyRuleTypeValues returns the possible values for the RoleManagementPolicyRuleType const type. +func PossibleRoleManagementPolicyRuleTypeValues() []RoleManagementPolicyRuleType { + return []RoleManagementPolicyRuleType{ + RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule, + RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule, + RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule, + RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule, + RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule, + } +} + +// SeverityLevel - Severity level of the alert. +type SeverityLevel string + +const ( + SeverityLevelHigh SeverityLevel = "High" + SeverityLevelLow SeverityLevel = "Low" + SeverityLevelMedium SeverityLevel = "Medium" +) + +// PossibleSeverityLevelValues returns the possible values for the SeverityLevel const type. +func PossibleSeverityLevelValues() []SeverityLevel { + return []SeverityLevel{ + SeverityLevelHigh, + SeverityLevelLow, + SeverityLevelMedium, + } +} + +// Status - The status of the role assignment schedule. +type Status string + +const ( + StatusAccepted Status = "Accepted" + StatusAdminApproved Status = "AdminApproved" + StatusAdminDenied Status = "AdminDenied" + StatusCanceled Status = "Canceled" + StatusDenied Status = "Denied" + StatusFailed Status = "Failed" + StatusFailedAsResourceIsLocked Status = "FailedAsResourceIsLocked" + StatusGranted Status = "Granted" + StatusInvalid Status = "Invalid" + StatusPendingAdminDecision Status = "PendingAdminDecision" + StatusPendingApproval Status = "PendingApproval" + StatusPendingApprovalProvisioning Status = "PendingApprovalProvisioning" + StatusPendingEvaluation Status = "PendingEvaluation" + StatusPendingExternalProvisioning Status = "PendingExternalProvisioning" + StatusPendingProvisioning Status = "PendingProvisioning" + StatusPendingRevocation Status = "PendingRevocation" + StatusPendingScheduleCreation Status = "PendingScheduleCreation" + StatusProvisioned Status = "Provisioned" + StatusProvisioningStarted Status = "ProvisioningStarted" + StatusRevoked Status = "Revoked" + StatusScheduleCreated Status = "ScheduleCreated" + StatusTimedOut Status = "TimedOut" +) + +// PossibleStatusValues returns the possible values for the Status const type. +func PossibleStatusValues() []Status { + return []Status{ + StatusAccepted, + StatusAdminApproved, + StatusAdminDenied, + StatusCanceled, + StatusDenied, + StatusFailed, + StatusFailedAsResourceIsLocked, + StatusGranted, + StatusInvalid, + StatusPendingAdminDecision, + StatusPendingApproval, + StatusPendingApprovalProvisioning, + StatusPendingEvaluation, + StatusPendingExternalProvisioning, + StatusPendingProvisioning, + StatusPendingRevocation, + StatusPendingScheduleCreation, + StatusProvisioned, + StatusProvisioningStarted, + StatusRevoked, + StatusScheduleCreated, + StatusTimedOut, + } +} + +// Type - Type of the role assignment schedule expiration +type Type string + +const ( + TypeAfterDateTime Type = "AfterDateTime" + TypeAfterDuration Type = "AfterDuration" + TypeNoExpiration Type = "NoExpiration" +) + +// PossibleTypeValues returns the possible values for the Type const type. +func PossibleTypeValues() []Type { + return []Type{ + TypeAfterDateTime, + TypeAfterDuration, + TypeNoExpiration, + } +} + +// UserType - The type of user. +type UserType string + +const ( + UserTypeGroup UserType = "Group" + UserTypeUser UserType = "User" +) + +// PossibleUserTypeValues returns the possible values for the UserType const type. +func PossibleUserTypeValues() []UserType { + return []UserType{ + UserTypeGroup, + UserTypeUser, + } +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/denyassignments_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/denyassignments_client.go new file mode 100644 index 00000000000..16e58650f47 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/denyassignments_client.go @@ -0,0 +1,406 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// DenyAssignmentsClient contains the methods for the DenyAssignments group. +// Don't use this type directly, use NewDenyAssignmentsClient() instead. +type DenyAssignmentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewDenyAssignmentsClient creates a new instance of DenyAssignmentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewDenyAssignmentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*DenyAssignmentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &DenyAssignmentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Get - Get the specified deny assignment. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the deny assignment. +// - denyAssignmentID - The ID of the deny assignment to get. +// - options - DenyAssignmentsClientGetOptions contains the optional parameters for the DenyAssignmentsClient.Get method. +func (client *DenyAssignmentsClient) Get(ctx context.Context, scope string, denyAssignmentID string, options *DenyAssignmentsClientGetOptions) (DenyAssignmentsClientGetResponse, error) { + var err error + const operationName = "DenyAssignmentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, denyAssignmentID, options) + if err != nil { + return DenyAssignmentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DenyAssignmentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DenyAssignmentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *DenyAssignmentsClient) getCreateRequest(ctx context.Context, scope string, denyAssignmentID string, options *DenyAssignmentsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if denyAssignmentID == "" { + return nil, errors.New("parameter denyAssignmentID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{denyAssignmentId}", url.PathEscape(denyAssignmentID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *DenyAssignmentsClient) getHandleResponse(resp *http.Response) (DenyAssignmentsClientGetResponse, error) { + result := DenyAssignmentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignment); err != nil { + return DenyAssignmentsClientGetResponse{}, err + } + return result, nil +} + +// GetByID - Gets a deny assignment by ID. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - denyAssignmentID - The fully qualified deny assignment ID. For example, use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} +// for subscription level deny assignments, +// or /providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} for tenant level deny assignments. +// - options - DenyAssignmentsClientGetByIDOptions contains the optional parameters for the DenyAssignmentsClient.GetByID method. +func (client *DenyAssignmentsClient) GetByID(ctx context.Context, denyAssignmentID string, options *DenyAssignmentsClientGetByIDOptions) (DenyAssignmentsClientGetByIDResponse, error) { + var err error + const operationName = "DenyAssignmentsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, denyAssignmentID, options) + if err != nil { + return DenyAssignmentsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return DenyAssignmentsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return DenyAssignmentsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *DenyAssignmentsClient) getByIDCreateRequest(ctx context.Context, denyAssignmentID string, options *DenyAssignmentsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{denyAssignmentId}" + urlPath = strings.ReplaceAll(urlPath, "{denyAssignmentId}", denyAssignmentID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *DenyAssignmentsClient) getByIDHandleResponse(resp *http.Response) (DenyAssignmentsClientGetByIDResponse, error) { + result := DenyAssignmentsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignment); err != nil { + return DenyAssignmentsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Gets all deny assignments for the subscription. +// +// Generated from API version 2022-04-01 +// - options - DenyAssignmentsClientListOptions contains the optional parameters for the DenyAssignmentsClient.NewListPager +// method. +func (client *DenyAssignmentsClient) NewListPager(options *DenyAssignmentsClientListOptions) *runtime.Pager[DenyAssignmentsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[DenyAssignmentsClientListResponse]{ + More: func(page DenyAssignmentsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DenyAssignmentsClientListResponse) (DenyAssignmentsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DenyAssignmentsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return DenyAssignmentsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *DenyAssignmentsClient) listCreateRequest(ctx context.Context, options *DenyAssignmentsClientListOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/denyAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *DenyAssignmentsClient) listHandleResponse(resp *http.Response) (DenyAssignmentsClientListResponse, error) { + result := DenyAssignmentsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignmentListResult); err != nil { + return DenyAssignmentsClientListResponse{}, err + } + return result, nil +} + +// NewListForResourcePager - Gets deny assignments for a resource. +// +// Generated from API version 2022-04-01 +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - resourceProviderNamespace - The namespace of the resource provider. +// - parentResourcePath - The parent resource identity. +// - resourceType - The resource type of the resource. +// - resourceName - The name of the resource to get deny assignments for. +// - options - DenyAssignmentsClientListForResourceOptions contains the optional parameters for the DenyAssignmentsClient.NewListForResourcePager +// method. +func (client *DenyAssignmentsClient) NewListForResourcePager(resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, options *DenyAssignmentsClientListForResourceOptions) *runtime.Pager[DenyAssignmentsClientListForResourceResponse] { + return runtime.NewPager(runtime.PagingHandler[DenyAssignmentsClientListForResourceResponse]{ + More: func(page DenyAssignmentsClientListForResourceResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DenyAssignmentsClientListForResourceResponse) (DenyAssignmentsClientListForResourceResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DenyAssignmentsClient.NewListForResourcePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceCreateRequest(ctx, resourceGroupName, resourceProviderNamespace, parentResourcePath, resourceType, resourceName, options) + }, nil) + if err != nil { + return DenyAssignmentsClientListForResourceResponse{}, err + } + return client.listForResourceHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceCreateRequest creates the ListForResource request. +func (client *DenyAssignmentsClient) listForResourceCreateRequest(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, options *DenyAssignmentsClientListForResourceOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/denyAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", resourceProviderNamespace) + urlPath = strings.ReplaceAll(urlPath, "{parentResourcePath}", parentResourcePath) + urlPath = strings.ReplaceAll(urlPath, "{resourceType}", resourceType) + if resourceName == "" { + return nil, errors.New("parameter resourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceName}", url.PathEscape(resourceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceHandleResponse handles the ListForResource response. +func (client *DenyAssignmentsClient) listForResourceHandleResponse(resp *http.Response) (DenyAssignmentsClientListForResourceResponse, error) { + result := DenyAssignmentsClientListForResourceResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignmentListResult); err != nil { + return DenyAssignmentsClientListForResourceResponse{}, err + } + return result, nil +} + +// NewListForResourceGroupPager - Gets deny assignments for a resource group. +// +// Generated from API version 2022-04-01 +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - options - DenyAssignmentsClientListForResourceGroupOptions contains the optional parameters for the DenyAssignmentsClient.NewListForResourceGroupPager +// method. +func (client *DenyAssignmentsClient) NewListForResourceGroupPager(resourceGroupName string, options *DenyAssignmentsClientListForResourceGroupOptions) *runtime.Pager[DenyAssignmentsClientListForResourceGroupResponse] { + return runtime.NewPager(runtime.PagingHandler[DenyAssignmentsClientListForResourceGroupResponse]{ + More: func(page DenyAssignmentsClientListForResourceGroupResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DenyAssignmentsClientListForResourceGroupResponse) (DenyAssignmentsClientListForResourceGroupResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DenyAssignmentsClient.NewListForResourceGroupPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceGroupCreateRequest(ctx, resourceGroupName, options) + }, nil) + if err != nil { + return DenyAssignmentsClientListForResourceGroupResponse{}, err + } + return client.listForResourceGroupHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceGroupCreateRequest creates the ListForResourceGroup request. +func (client *DenyAssignmentsClient) listForResourceGroupCreateRequest(ctx context.Context, resourceGroupName string, options *DenyAssignmentsClientListForResourceGroupOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/denyAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceGroupHandleResponse handles the ListForResourceGroup response. +func (client *DenyAssignmentsClient) listForResourceGroupHandleResponse(resp *http.Response) (DenyAssignmentsClientListForResourceGroupResponse, error) { + result := DenyAssignmentsClientListForResourceGroupResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignmentListResult); err != nil { + return DenyAssignmentsClientListForResourceGroupResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets deny assignments for a scope. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the deny assignments. +// - options - DenyAssignmentsClientListForScopeOptions contains the optional parameters for the DenyAssignmentsClient.NewListForScopePager +// method. +func (client *DenyAssignmentsClient) NewListForScopePager(scope string, options *DenyAssignmentsClientListForScopeOptions) *runtime.Pager[DenyAssignmentsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[DenyAssignmentsClientListForScopeResponse]{ + More: func(page DenyAssignmentsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *DenyAssignmentsClientListForScopeResponse) (DenyAssignmentsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "DenyAssignmentsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return DenyAssignmentsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *DenyAssignmentsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *DenyAssignmentsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/denyAssignments" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *DenyAssignmentsClient) listForScopeHandleResponse(resp *http.Response) (DenyAssignmentsClientListForScopeResponse, error) { + result := DenyAssignmentsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.DenyAssignmentListResult); err != nil { + return DenyAssignmentsClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/eligiblechildresources_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/eligiblechildresources_client.go new file mode 100644 index 00000000000..6ae7ac7d44f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/eligiblechildresources_client.go @@ -0,0 +1,95 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// EligibleChildResourcesClient contains the methods for the EligibleChildResources group. +// Don't use this type directly, use NewEligibleChildResourcesClient() instead. +type EligibleChildResourcesClient struct { + internal *arm.Client +} + +// NewEligibleChildResourcesClient creates a new instance of EligibleChildResourcesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewEligibleChildResourcesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*EligibleChildResourcesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &EligibleChildResourcesClient{ + internal: cl, + } + return client, nil +} + +// NewGetPager - Get the child resources of a resource on which user has eligible access +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy. +// - options - EligibleChildResourcesClientGetOptions contains the optional parameters for the EligibleChildResourcesClient.NewGetPager +// method. +func (client *EligibleChildResourcesClient) NewGetPager(scope string, options *EligibleChildResourcesClientGetOptions) *runtime.Pager[EligibleChildResourcesClientGetResponse] { + return runtime.NewPager(runtime.PagingHandler[EligibleChildResourcesClientGetResponse]{ + More: func(page EligibleChildResourcesClientGetResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *EligibleChildResourcesClientGetResponse) (EligibleChildResourcesClientGetResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "EligibleChildResourcesClient.NewGetPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.getCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return EligibleChildResourcesClientGetResponse{}, err + } + return client.getHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// getCreateRequest creates the Get request. +func (client *EligibleChildResourcesClient) getCreateRequest(ctx context.Context, scope string, options *EligibleChildResourcesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/eligibleChildResources" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *EligibleChildResourcesClient) getHandleResponse(resp *http.Response) (EligibleChildResourcesClientGetResponse, error) { + result := EligibleChildResourcesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.EligibleChildResourcesListResult); err != nil { + return EligibleChildResourcesClientGetResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/globaladministrator_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/globaladministrator_client.go new file mode 100644 index 00000000000..7cc75f42fa1 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/globaladministrator_client.go @@ -0,0 +1,79 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" +) + +// GlobalAdministratorClient contains the methods for the GlobalAdministrator group. +// Don't use this type directly, use NewGlobalAdministratorClient() instead. +type GlobalAdministratorClient struct { + internal *arm.Client +} + +// NewGlobalAdministratorClient creates a new instance of GlobalAdministratorClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewGlobalAdministratorClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*GlobalAdministratorClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &GlobalAdministratorClient{ + internal: cl, + } + return client, nil +} + +// ElevateAccess - Elevates access for a Global Administrator. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2015-07-01 +// - options - GlobalAdministratorClientElevateAccessOptions contains the optional parameters for the GlobalAdministratorClient.ElevateAccess +// method. +func (client *GlobalAdministratorClient) ElevateAccess(ctx context.Context, options *GlobalAdministratorClientElevateAccessOptions) (GlobalAdministratorClientElevateAccessResponse, error) { + var err error + const operationName = "GlobalAdministratorClient.ElevateAccess" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.elevateAccessCreateRequest(ctx, options) + if err != nil { + return GlobalAdministratorClientElevateAccessResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return GlobalAdministratorClientElevateAccessResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return GlobalAdministratorClientElevateAccessResponse{}, err + } + return GlobalAdministratorClientElevateAccessResponse{}, nil +} + +// elevateAccessCreateRequest creates the ElevateAccess request. +func (client *GlobalAdministratorClient) elevateAccessCreateRequest(ctx context.Context, options *GlobalAdministratorClientElevateAccessOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/elevateAccess" + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2015-07-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/interfaces.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/interfaces.go new file mode 100644 index 00000000000..2cc2f67a28f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/interfaces.go @@ -0,0 +1,57 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +// AccessReviewDecisionIdentityClassification provides polymorphic access to related types. +// Call the interface's GetAccessReviewDecisionIdentity() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AccessReviewDecisionIdentity, *AccessReviewDecisionServicePrincipalIdentity, *AccessReviewDecisionUserIdentity +type AccessReviewDecisionIdentityClassification interface { + // GetAccessReviewDecisionIdentity returns the AccessReviewDecisionIdentity content of the underlying type. + GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity +} + +// AccessReviewDecisionInsightPropertiesClassification provides polymorphic access to related types. +// Call the interface's GetAccessReviewDecisionInsightProperties() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AccessReviewDecisionInsightProperties, *AccessReviewDecisionUserSignInInsightProperties +type AccessReviewDecisionInsightPropertiesClassification interface { + // GetAccessReviewDecisionInsightProperties returns the AccessReviewDecisionInsightProperties content of the underlying type. + GetAccessReviewDecisionInsightProperties() *AccessReviewDecisionInsightProperties +} + +// AlertConfigurationPropertiesClassification provides polymorphic access to related types. +// Call the interface's GetAlertConfigurationProperties() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AlertConfigurationProperties, *AzureRolesAssignedOutsidePimAlertConfigurationProperties, *DuplicateRoleCreatedAlertConfigurationProperties, +// - *TooManyOwnersAssignedToResourceAlertConfigurationProperties, *TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties +type AlertConfigurationPropertiesClassification interface { + // GetAlertConfigurationProperties returns the AlertConfigurationProperties content of the underlying type. + GetAlertConfigurationProperties() *AlertConfigurationProperties +} + +// AlertIncidentPropertiesClassification provides polymorphic access to related types. +// Call the interface's GetAlertIncidentProperties() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *AlertIncidentProperties, *AzureRolesAssignedOutsidePimAlertIncidentProperties, *DuplicateRoleCreatedAlertIncidentProperties, +// - *TooManyOwnersAssignedToResourceAlertIncidentProperties, *TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties +type AlertIncidentPropertiesClassification interface { + // GetAlertIncidentProperties returns the AlertIncidentProperties content of the underlying type. + GetAlertIncidentProperties() *AlertIncidentProperties +} + +// RoleManagementPolicyRuleClassification provides polymorphic access to related types. +// Call the interface's GetRoleManagementPolicyRule() method to access the common type. +// Use a type switch to determine the concrete type. The possible types are: +// - *RoleManagementPolicyApprovalRule, *RoleManagementPolicyAuthenticationContextRule, *RoleManagementPolicyEnablementRule, +// - *RoleManagementPolicyExpirationRule, *RoleManagementPolicyNotificationRule, *RoleManagementPolicyRule +type RoleManagementPolicyRuleClassification interface { + // GetRoleManagementPolicyRule returns the RoleManagementPolicyRule content of the underlying type. + GetRoleManagementPolicyRule() *RoleManagementPolicyRule +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models.go new file mode 100644 index 00000000000..032a7893ccc --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models.go @@ -0,0 +1,2637 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import "time" + +// AccessReviewActorIdentity - Details of the actor identity +type AccessReviewActorIdentity struct { + // READ-ONLY; The identity id + PrincipalID *string + + // READ-ONLY; The identity display name + PrincipalName *string + + // READ-ONLY; The identity type : user/servicePrincipal + PrincipalType *AccessReviewActorIdentityType + + // READ-ONLY; The user principal name(if valid) + UserPrincipalName *string +} + +// AccessReviewContactedReviewer - Access Review Contacted Reviewer. +type AccessReviewContactedReviewer struct { + // Access Review Contacted Reviewer properties. + Properties *AccessReviewContactedReviewerProperties + + // READ-ONLY; The access review reviewer id. + ID *string + + // READ-ONLY; The access review reviewer id. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewContactedReviewerListResult - List of access review contacted reviewers. +type AccessReviewContactedReviewerListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review Contacted Reviewer. + Value []*AccessReviewContactedReviewer +} + +// AccessReviewContactedReviewerProperties - Properties of access review contacted reviewer. +type AccessReviewContactedReviewerProperties struct { + // READ-ONLY; Date Time when the reviewer was contacted. + CreatedDateTime *time.Time + + // READ-ONLY; The display name of the reviewer + UserDisplayName *string + + // READ-ONLY; The user principal name of the reviewer + UserPrincipalName *string +} + +// AccessReviewDecision - Access Review. +type AccessReviewDecision struct { + // Access Review Decision properties. + Properties *AccessReviewDecisionProperties + + // READ-ONLY; The access review decision id. + ID *string + + // READ-ONLY; The access review decision name. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewDecisionIdentity - Target of the decision. +type AccessReviewDecisionIdentity struct { + // REQUIRED; The type of decision target : User/ServicePrincipal + Type *DecisionTargetType + + // READ-ONLY; The display name of the user whose access was reviewed. + DisplayName *string + + // READ-ONLY; The id of principal whose access was reviewed. + ID *string +} + +// GetAccessReviewDecisionIdentity implements the AccessReviewDecisionIdentityClassification interface for type AccessReviewDecisionIdentity. +func (a *AccessReviewDecisionIdentity) GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity { + return a +} + +// AccessReviewDecisionInsight - Access Review Decision Insight. +type AccessReviewDecisionInsight struct { + // Access Review Decision Insight properties. + Properties AccessReviewDecisionInsightPropertiesClassification + + // READ-ONLY; The access review insight id. + ID *string + + // READ-ONLY; The access review insight name. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewDecisionInsightProperties - Details of the Insight. +type AccessReviewDecisionInsightProperties struct { + // REQUIRED; The type of insight + Type *AccessReviewDecisionInsightType + + // READ-ONLY; Date Time when the insight was created. + InsightCreatedDateTime any +} + +// GetAccessReviewDecisionInsightProperties implements the AccessReviewDecisionInsightPropertiesClassification interface for +// type AccessReviewDecisionInsightProperties. +func (a *AccessReviewDecisionInsightProperties) GetAccessReviewDecisionInsightProperties() *AccessReviewDecisionInsightProperties { + return a +} + +// AccessReviewDecisionListResult - List of access review decisions. +type AccessReviewDecisionListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review Decision list. + Value []*AccessReviewDecision +} + +// AccessReviewDecisionPrincipalResourceMembership - Target of the decision. +type AccessReviewDecisionPrincipalResourceMembership struct { + // Every decision item in an access review represents a principal's membership to a resource. This property represents details + // of the membership. Examples of this detail might be whether the principal + // has direct access or indirect access + MembershipTypes []*AccessReviewDecisionPrincipalResourceMembershipType +} + +// AccessReviewDecisionProperties - Approval Step. +type AccessReviewDecisionProperties struct { + // The decision on the approval step. This value is initially set to NotReviewed. Approvers can take action of Approve/Deny + Decision *AccessReviewResult + + // This is the collection of insights for this decision item. + Insights []*AccessReviewDecisionInsight + + // Justification provided by approvers for their action + Justification *string + + // READ-ONLY; Details of the approver. + AppliedBy *AccessReviewActorIdentity + + // READ-ONLY; The date and time when the review decision was applied. + AppliedDateTime *time.Time + + // READ-ONLY; The outcome of applying the decision. + ApplyResult *AccessReviewApplyResult + + // READ-ONLY; Principal associated with the decision record. Can be AccessReviewDecisionUserIdentity or AccessReviewDecisionServicePrincipalIdentity + Principal AccessReviewDecisionIdentityClassification + + // READ-ONLY; Details of the membership type. + PrincipalResourceMembership *AccessReviewDecisionPrincipalResourceMembership + + // READ-ONLY; The feature- generated recommendation shown to the reviewer. + Recommendation *AccessRecommendationType + + // READ-ONLY; Resource associated with this decision record. + Resource *AccessReviewDecisionResource + + // READ-ONLY; Details of the approver. + ReviewedBy *AccessReviewActorIdentity + + // READ-ONLY; Date Time when a decision was taken. + ReviewedDateTime *time.Time +} + +// AccessReviewDecisionResource - Target of the decision. +type AccessReviewDecisionResource struct { + // REQUIRED; The type of resource + Type *DecisionResourceType + + // READ-ONLY; The display name of resource associated with a decision record. + DisplayName *string + + // READ-ONLY; The id of resource associated with a decision record. + ID *string +} + +// AccessReviewDecisionServicePrincipalIdentity - Service Principal Decision Target +type AccessReviewDecisionServicePrincipalIdentity struct { + // REQUIRED; The type of decision target : User/ServicePrincipal + Type *DecisionTargetType + + // READ-ONLY; The appId for the service principal entity being reviewed + AppID *string + + // READ-ONLY; The display name of the user whose access was reviewed. + DisplayName *string + + // READ-ONLY; The id of principal whose access was reviewed. + ID *string +} + +// GetAccessReviewDecisionIdentity implements the AccessReviewDecisionIdentityClassification interface for type AccessReviewDecisionServicePrincipalIdentity. +func (a *AccessReviewDecisionServicePrincipalIdentity) GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity { + return &AccessReviewDecisionIdentity{ + DisplayName: a.DisplayName, + ID: a.ID, + Type: a.Type, + } +} + +// AccessReviewDecisionUserIdentity - User Decision Target +type AccessReviewDecisionUserIdentity struct { + // REQUIRED; The type of decision target : User/ServicePrincipal + Type *DecisionTargetType + + // READ-ONLY; The display name of the user whose access was reviewed. + DisplayName *string + + // READ-ONLY; The id of principal whose access was reviewed. + ID *string + + // READ-ONLY; The user principal name of the user whose access was reviewed. + UserPrincipalName *string +} + +// GetAccessReviewDecisionIdentity implements the AccessReviewDecisionIdentityClassification interface for type AccessReviewDecisionUserIdentity. +func (a *AccessReviewDecisionUserIdentity) GetAccessReviewDecisionIdentity() *AccessReviewDecisionIdentity { + return &AccessReviewDecisionIdentity{ + DisplayName: a.DisplayName, + ID: a.ID, + Type: a.Type, + } +} + +// AccessReviewDecisionUserSignInInsightProperties - User Decision Target +type AccessReviewDecisionUserSignInInsightProperties struct { + // REQUIRED; The type of insight + Type *AccessReviewDecisionInsightType + + // READ-ONLY; Date Time when the insight was created. + InsightCreatedDateTime any + + // READ-ONLY; Date Time when the user signed into the tenant. + LastSignInDateTime any +} + +// GetAccessReviewDecisionInsightProperties implements the AccessReviewDecisionInsightPropertiesClassification interface for +// type AccessReviewDecisionUserSignInInsightProperties. +func (a *AccessReviewDecisionUserSignInInsightProperties) GetAccessReviewDecisionInsightProperties() *AccessReviewDecisionInsightProperties { + return &AccessReviewDecisionInsightProperties{ + InsightCreatedDateTime: a.InsightCreatedDateTime, + Type: a.Type, + } +} + +// AccessReviewDefaultSettings - Access Review Default Settings. +type AccessReviewDefaultSettings struct { + // Access Review properties. + Properties *AccessReviewScheduleSettings + + // READ-ONLY; The access review default settings id. This is only going to be default + ID *string + + // READ-ONLY; The access review default settings name. This is always going to be Access Review Default Settings + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewHistoryDefinition - Access Review History Definition. +type AccessReviewHistoryDefinition struct { + // Access Review History Definition properties. + Properties *AccessReviewHistoryDefinitionProperties + + // READ-ONLY; The access review history definition id. + ID *string + + // READ-ONLY; The access review history definition unique id. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewHistoryDefinitionInstanceListResult - List of Access Review History Instances. +type AccessReviewHistoryDefinitionInstanceListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review History Definition's Instance list. + Value []*AccessReviewHistoryInstance +} + +// AccessReviewHistoryDefinitionListResult - List of Access Review History Definitions. +type AccessReviewHistoryDefinitionListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review History Definition list. + Value []*AccessReviewHistoryDefinition +} + +// AccessReviewHistoryDefinitionProperties - Access Review History Instances. +type AccessReviewHistoryDefinitionProperties struct { + // Collection of review decisions which the history data should be filtered on. For example if Approve and Deny are supplied + // the data will only contain review results in which the decision maker approved + // or denied a review request. + Decisions []*AccessReviewResult + + // The display name for the history definition. + DisplayName *string + + // Set of access review history instances for this history definition. + Instances []*AccessReviewHistoryInstance + + // A collection of scopes used when selecting review history data + Scopes []*AccessReviewScope + + // Recurrence settings for recurring history reports, skip for one-time reports. + Settings *AccessReviewHistoryScheduleSettings + + // READ-ONLY; The user or other identity who created this history definition. + CreatedBy *AccessReviewActorIdentity + + // READ-ONLY; Date time when history definition was created + CreatedDateTime *time.Time + + // READ-ONLY; Date time used when selecting review data, all reviews included in data end on or before this date. For use + // only with one-time/non-recurring reports. + ReviewHistoryPeriodEndDateTime *time.Time + + // READ-ONLY; Date time used when selecting review data, all reviews included in data start on or after this date. For use + // only with one-time/non-recurring reports. + ReviewHistoryPeriodStartDateTime *time.Time + + // READ-ONLY; This read-only field specifies the of the requested review history data. This is either requested, in-progress, + // done or error. + Status *AccessReviewHistoryDefinitionStatus +} + +// AccessReviewHistoryInstance - Access Review History Definition Instance. +type AccessReviewHistoryInstance struct { + // Access Review History Definition Instance properties. + Properties *AccessReviewHistoryInstanceProperties + + // READ-ONLY; The access review history definition instance id. + ID *string + + // READ-ONLY; The access review history definition instance unique id. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewHistoryInstanceProperties - Access Review History Definition Instance properties. +type AccessReviewHistoryInstanceProperties struct { + // The display name for the parent history definition. + DisplayName *string + + // Date time when history data report expires and the associated data is deleted. + Expiration *time.Time + + // Date time when the history data report is scheduled to be generated. + FulfilledDateTime *time.Time + + // Date time used when selecting review data, all reviews included in data end on or before this date. For use only with one-time/non-recurring + // reports. + ReviewHistoryPeriodEndDateTime *time.Time + + // Date time used when selecting review data, all reviews included in data start on or after this date. For use only with + // one-time/non-recurring reports. + ReviewHistoryPeriodStartDateTime *time.Time + + // Date time when the history data report is scheduled to be generated. + RunDateTime *time.Time + + // READ-ONLY; Uri which can be used to retrieve review history data. To generate this Uri, generateDownloadUri() must be called + // for a specific accessReviewHistoryDefinitionInstance. The link expires after a 24 hour + // period. Callers can see the expiration date time by looking at the 'se' parameter in the generated uri. + DownloadURI *string + + // READ-ONLY; Status of the requested review history instance data. This is either requested, in-progress, done or error. + // The state transitions are as follows - Requested -> InProgress -> Done -> Expired + Status *AccessReviewHistoryDefinitionStatus +} + +// AccessReviewHistoryScheduleSettings - Recurrence settings of an Access Review History Definition. +type AccessReviewHistoryScheduleSettings struct { + // Access Review History Definition recurrence settings. + Pattern *AccessReviewRecurrencePattern + + // Access Review History Definition recurrence settings. + Range *AccessReviewRecurrenceRange +} + +// AccessReviewInstance - Access Review Instance. +type AccessReviewInstance struct { + // Access Review properties. + Properties *AccessReviewInstanceProperties + + // READ-ONLY; The access review instance id. + ID *string + + // READ-ONLY; The access review instance name. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewInstanceListResult - List of Access Review Instances. +type AccessReviewInstanceListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review Instance list. + Value []*AccessReviewInstance +} + +// AccessReviewInstanceProperties - Access Review Instance properties. +type AccessReviewInstanceProperties struct { + // This is the collection of backup reviewers. + BackupReviewers []*AccessReviewReviewer + + // The DateTime when the review instance is scheduled to end. + EndDateTime *time.Time + + // This is the collection of reviewers. + Reviewers []*AccessReviewReviewer + + // The DateTime when the review instance is scheduled to be start. + StartDateTime *time.Time + + // READ-ONLY; This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. + // However, in some cases, the reviewers may not be assigned and instead be chosen + // dynamically. For example managers review or self review. + ReviewersType *AccessReviewInstanceReviewersType + + // READ-ONLY; This read-only field specifies the status of an access review instance. + Status *AccessReviewInstanceStatus +} + +// AccessReviewRecurrencePattern - Recurrence Pattern of an Access Review Schedule Definition. +type AccessReviewRecurrencePattern struct { + // The interval for recurrence. For a quarterly review, the interval is 3 for type : absoluteMonthly. + Interval *int32 + + // The recurrence type : weekly, monthly, etc. + Type *AccessReviewRecurrencePatternType +} + +// AccessReviewRecurrenceRange - Recurrence Range of an Access Review Schedule Definition. +type AccessReviewRecurrenceRange struct { + // The DateTime when the review is scheduled to end. Required if type is endDate + EndDate *time.Time + + // The number of times to repeat the access review. Required and must be positive if type is numbered. + NumberOfOccurrences *int32 + + // The DateTime when the review is scheduled to be start. This could be a date in the future. Required on create. + StartDate *time.Time + + // The recurrence range type. The possible values are: endDate, noEnd, numbered. + Type *AccessReviewRecurrenceRangeType +} + +// AccessReviewRecurrenceSettings - Recurrence Settings of an Access Review Schedule Definition. +type AccessReviewRecurrenceSettings struct { + // Access Review schedule definition recurrence pattern. + Pattern *AccessReviewRecurrencePattern + + // Access Review schedule definition recurrence range. + Range *AccessReviewRecurrenceRange +} + +// AccessReviewReviewer - Descriptor for what needs to be reviewed +type AccessReviewReviewer struct { + // The id of the reviewer(user/servicePrincipal) + PrincipalID *string + + // READ-ONLY; The identity type : user/servicePrincipal + PrincipalType *AccessReviewReviewerType +} + +// AccessReviewScheduleDefinition - Access Review Schedule Definition. +type AccessReviewScheduleDefinition struct { + // Access Review properties. + Properties *AccessReviewScheduleDefinitionProperties + + // READ-ONLY; The access review schedule definition id. + ID *string + + // READ-ONLY; The access review schedule definition unique id. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// AccessReviewScheduleDefinitionListResult - List of Access Review Schedule Definitions. +type AccessReviewScheduleDefinitionListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Access Review Schedule Definition list. + Value []*AccessReviewScheduleDefinition +} + +// AccessReviewScheduleDefinitionProperties - Access Review. +type AccessReviewScheduleDefinitionProperties struct { + // This is the collection of backup reviewers. + BackupReviewers []*AccessReviewReviewer + + // The description provided by the access review creator and visible to admins. + DescriptionForAdmins *string + + // The description provided by the access review creator to be shown to reviewers. + DescriptionForReviewers *string + + // The display name for the schedule definition. + DisplayName *string + + // This is the collection of instances returned when one does an expand on it. + Instances []*AccessReviewInstance + + // This is the collection of reviewers. + Reviewers []*AccessReviewReviewer + + // Access Review Settings. + Settings *AccessReviewScheduleSettings + + // READ-ONLY; The user or other identity who created this review. + CreatedBy *AccessReviewActorIdentity + + // READ-ONLY; This field specifies the type of reviewers for a review. Usually for a review, reviewers are explicitly assigned. + // However, in some cases, the reviewers may not be assigned and instead be chosen + // dynamically. For example managers review or self review. + ReviewersType *AccessReviewScheduleDefinitionReviewersType + + // READ-ONLY; This is used to define what to include in scope of the review. The scope definition includes the resourceId + // and roleDefinitionId. + Scope *AccessReviewScope + + // READ-ONLY; This read-only field specifies the status of an accessReview. + Status *AccessReviewScheduleDefinitionStatus +} + +// AccessReviewScheduleSettings - Settings of an Access Review. +type AccessReviewScheduleSettings struct { + // Flag to indicate whether auto-apply capability, to automatically change the target object access resource, is enabled. + // If not enabled, a user must, after the review completes, apply the access review. + AutoApplyDecisionsEnabled *bool + + // This specifies the behavior for the autoReview feature when an access review completes. + DefaultDecision *DefaultDecisionType + + // Flag to indicate whether reviewers are required to provide a justification when reviewing access. + DefaultDecisionEnabled *bool + + // The duration in days for an instance. + InstanceDurationInDays *int32 + + // Flag to indicate whether the reviewer is required to pass justification when recording a decision. + JustificationRequiredOnApproval *bool + + // Flag to indicate whether sending mails to reviewers and the review creator is enabled. + MailNotificationsEnabled *bool + + // Recommendations for access reviews are calculated by looking back at 30 days of data(w.r.t the start date of the review) + // by default. However, in some scenarios, customers want to change how far back + // to look at and want to configure 60 days, 90 days, etc. instead. This setting allows customers to configure this duration. + // The value should be in ISO 8601 format + // (http://en.wikipedia.org/wiki/ISO_8601#Durations).This code can be used to convert TimeSpan to a valid interval string: + // XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)) + RecommendationLookBackDuration *string + + // Flag to indicate whether showing recommendations to reviewers is enabled. + RecommendationsEnabled *bool + + // Access Review Settings. + Recurrence *AccessReviewRecurrenceSettings + + // Flag to indicate whether sending reminder emails to reviewers are enabled. + ReminderNotificationsEnabled *bool +} + +// AccessReviewScope - Descriptor for what needs to be reviewed +type AccessReviewScope struct { + // This is used to indicate the resource id(s) to exclude + ExcludeResourceID *string + + // This is used to indicate the role definition id(s) to exclude + ExcludeRoleDefinitionID *string + + // Flag to indicate whether to expand nested memberships or not. + ExpandNestedMemberships *bool + + // Duration users are inactive for. The value should be in ISO 8601 format (http://en.wikipedia.org/wiki/ISO_8601#Durations).This + // code can be used to convert TimeSpan to a valid interval string: + // XmlConvert.ToString(new TimeSpan(hours, minutes, seconds)) + InactiveDuration *string + + // Flag to indicate whether to expand nested memberships or not. + IncludeAccessBelowResource *bool + + // Flag to indicate whether to expand nested memberships or not. + IncludeInheritedAccess *bool + + // READ-ONLY; The role assignment state eligible/active to review + AssignmentState *AccessReviewScopeAssignmentState + + // READ-ONLY; The identity type user/servicePrincipal to review + PrincipalType *AccessReviewScopePrincipalType + + // READ-ONLY; ResourceId in which this review is getting created + ResourceID *string + + // READ-ONLY; This is used to indicate the role being reviewed + RoleDefinitionID *string +} + +// Alert - The alert. +type Alert struct { + // Alert properties. + Properties *AlertProperties + + // READ-ONLY; The alert ID. + ID *string + + // READ-ONLY; The alert name. + Name *string + + // READ-ONLY; The alert type. + Type *string +} + +// AlertConfiguration - Alert configuration. +type AlertConfiguration struct { + // Alert configuration properties. + Properties AlertConfigurationPropertiesClassification + + // READ-ONLY; The alert configuration ID. + ID *string + + // READ-ONLY; The alert configuration name. + Name *string + + // READ-ONLY; The alert configuration type. + Type *string +} + +// AlertConfigurationListResult - Alert configuration list operation result. +type AlertConfigurationListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Alert configuration list + Value []*AlertConfiguration +} + +// AlertConfigurationProperties - Alert configuration properties. +type AlertConfigurationProperties struct { + // REQUIRED; The alert configuration type. + AlertConfigurationType *string + + // True if the alert is enabled, false will disable the scanning for the specific alert. + IsEnabled *bool + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert definition ID. + AlertDefinitionID *string + + // READ-ONLY; The alert scope. + Scope *string +} + +// GetAlertConfigurationProperties implements the AlertConfigurationPropertiesClassification interface for type AlertConfigurationProperties. +func (a *AlertConfigurationProperties) GetAlertConfigurationProperties() *AlertConfigurationProperties { + return a +} + +// AlertDefinition - Alert definition +type AlertDefinition struct { + // Alert definition properties. + Properties *AlertDefinitionProperties + + // READ-ONLY; The alert definition ID. + ID *string + + // READ-ONLY; The alert definition name. + Name *string + + // READ-ONLY; The alert definition type. + Type *string +} + +// AlertDefinitionListResult - Alert definition list operation result. +type AlertDefinitionListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Alert definition list + Value []*AlertDefinition +} + +// AlertDefinitionProperties - Alert definition properties. +type AlertDefinitionProperties struct { + // READ-ONLY; The alert description. + Description *string + + // READ-ONLY; The alert display name. + DisplayName *string + + // READ-ONLY; The ways to prevent the alert. + HowToPrevent *string + + // READ-ONLY; True if the alert configuration can be configured; false, otherwise. + IsConfigurable *bool + + // READ-ONLY; True if the alert can be remediated; false, otherwise. + IsRemediatable *bool + + // READ-ONLY; The methods to mitigate the alert. + MitigationSteps *string + + // READ-ONLY; The alert scope. + Scope *string + + // READ-ONLY; Security impact of the alert. + SecurityImpact *string + + // READ-ONLY; Severity level of the alert. + SeverityLevel *SeverityLevel +} + +// AlertIncident - Alert incident +type AlertIncident struct { + // Alert incident properties. + Properties AlertIncidentPropertiesClassification + + // READ-ONLY; The alert incident ID. + ID *string + + // READ-ONLY; The alert incident name. + Name *string + + // READ-ONLY; The alert incident type. + Type *string +} + +// AlertIncidentListResult - Alert incident list operation result. +type AlertIncidentListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Alert incident list + Value []*AlertIncident +} + +// AlertIncidentProperties - Alert incident properties +type AlertIncidentProperties struct { + // REQUIRED; The alert incident type. + AlertIncidentType *string +} + +// GetAlertIncidentProperties implements the AlertIncidentPropertiesClassification interface for type AlertIncidentProperties. +func (a *AlertIncidentProperties) GetAlertIncidentProperties() *AlertIncidentProperties { return a } + +// AlertListResult - Alert list operation result. +type AlertListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Alert list + Value []*Alert +} + +// AlertOperationResult - Alert operation result +type AlertOperationResult struct { + // READ-ONLY; The created date of the alert operation. + CreatedDateTime *time.Time + + // READ-ONLY; The id of the alert operation. + ID *string + + // READ-ONLY; The last action date of the alert operation. + LastActionDateTime *time.Time + + // READ-ONLY; The location of the alert associated with the operation. + ResourceLocation *string + + // READ-ONLY; The status of the alert operation. + Status *string + + // READ-ONLY; The status detail of the alert operation. + StatusDetail *string +} + +// AlertProperties - Alert properties. +type AlertProperties struct { + // False by default; true if the alert is active. + IsActive *bool + + // READ-ONLY; The alert configuration. + AlertConfiguration *AlertConfiguration + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert incidents. + AlertIncidents []*AlertIncident + + // READ-ONLY; The number of generated incidents of the alert. + IncidentCount *int32 + + // READ-ONLY; The date time when the alert configuration was updated or new incidents were generated. + LastModifiedDateTime *time.Time + + // READ-ONLY; The date time when the alert was last scanned. + LastScannedDateTime *time.Time + + // READ-ONLY; The alert scope. + Scope *string +} + +// ApprovalSettings - The approval settings. +type ApprovalSettings struct { + // The type of rule + ApprovalMode *ApprovalMode + + // The approval stages of the request. + ApprovalStages []*ApprovalStage + + // Determines whether approval is required or not. + IsApprovalRequired *bool + + // Determines whether approval is required for assignment extension. + IsApprovalRequiredForExtension *bool + + // Determine whether requestor justification is required. + IsRequestorJustificationRequired *bool +} + +// ApprovalStage - The approval stage. +type ApprovalStage struct { + // The time in days when approval request would be timed out + ApprovalStageTimeOutInDays *int32 + + // The escalation approver of the request. + EscalationApprovers []*UserSet + + // The time in minutes when the approval request would be escalated if the primary approver does not approve + EscalationTimeInMinutes *int32 + + // Determines whether approver need to provide justification for his decision. + IsApproverJustificationRequired *bool + + // The value determine whether escalation feature is enabled. + IsEscalationEnabled *bool + + // The primary approver of the request. + PrimaryApprovers []*UserSet +} + +// AzureRolesAssignedOutsidePimAlertConfigurationProperties - The Azure roles assigned outside PIM alert configuration properties. +type AzureRolesAssignedOutsidePimAlertConfigurationProperties struct { + // REQUIRED; The alert configuration type. + AlertConfigurationType *string + + // True if the alert is enabled, false will disable the scanning for the specific alert. + IsEnabled *bool + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert definition ID. + AlertDefinitionID *string + + // READ-ONLY; The alert scope. + Scope *string +} + +// GetAlertConfigurationProperties implements the AlertConfigurationPropertiesClassification interface for type AzureRolesAssignedOutsidePimAlertConfigurationProperties. +func (a *AzureRolesAssignedOutsidePimAlertConfigurationProperties) GetAlertConfigurationProperties() *AlertConfigurationProperties { + return &AlertConfigurationProperties{ + AlertConfigurationType: a.AlertConfigurationType, + AlertDefinition: a.AlertDefinition, + AlertDefinitionID: a.AlertDefinitionID, + IsEnabled: a.IsEnabled, + Scope: a.Scope, + } +} + +// AzureRolesAssignedOutsidePimAlertIncidentProperties - Azure roles assigned outside PIM alert incident properties. +type AzureRolesAssignedOutsidePimAlertIncidentProperties struct { + // REQUIRED; The alert incident type. + AlertIncidentType *string + + // READ-ONLY; The assignee display name. + AssigneeDisplayName *string + + // READ-ONLY; The assignee ID. + AssigneeID *string + + // READ-ONLY; The assignee user principal name. + AssigneeUserPrincipalName *string + + // READ-ONLY; The date the assignment was activated. + AssignmentActivatedDate *time.Time + + // READ-ONLY; The requestor display name. + RequestorDisplayName *string + + // READ-ONLY; The requestor ID. + RequestorID *string + + // READ-ONLY; The requestor user principal name. + RequestorUserPrincipalName *string + + // READ-ONLY; The role definition ID. + RoleDefinitionID *string + + // READ-ONLY; The role display name. + RoleDisplayName *string + + // READ-ONLY; The role template ID. + RoleTemplateID *string +} + +// GetAlertIncidentProperties implements the AlertIncidentPropertiesClassification interface for type AzureRolesAssignedOutsidePimAlertIncidentProperties. +func (a *AzureRolesAssignedOutsidePimAlertIncidentProperties) GetAlertIncidentProperties() *AlertIncidentProperties { + return &AlertIncidentProperties{ + AlertIncidentType: a.AlertIncidentType, + } +} + +// ClassicAdministrator - Classic Administrators +type ClassicAdministrator struct { + // The ID of the administrator. + ID *string + + // The name of the administrator. + Name *string + + // Properties for the classic administrator. + Properties *ClassicAdministratorProperties + + // The type of the administrator. + Type *string +} + +// ClassicAdministratorListResult - ClassicAdministrator list result information. +type ClassicAdministratorListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // An array of administrators. + Value []*ClassicAdministrator +} + +// ClassicAdministratorProperties - Classic Administrator properties. +type ClassicAdministratorProperties struct { + // The email address of the administrator. + EmailAddress *string + + // The role of the administrator. + Role *string +} + +// DenyAssignment - Deny Assignment +type DenyAssignment struct { + // Deny assignment properties. + Properties *DenyAssignmentProperties + + // READ-ONLY; The deny assignment ID. + ID *string + + // READ-ONLY; The deny assignment name. + Name *string + + // READ-ONLY; The deny assignment type. + Type *string +} + +// DenyAssignmentFilter - Deny Assignments filter +type DenyAssignmentFilter struct { + // Return deny assignment with specified name. + DenyAssignmentName *string + + // Return all deny assignments where the specified principal is listed either in the principals list or exclude principals + // list of deny assignments. + GdprExportPrincipalID *string + + // Return all deny assignments where the specified principal is listed in the principals list of deny assignments. + PrincipalID *string +} + +// DenyAssignmentListResult - Deny assignment list operation result. +type DenyAssignmentListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Deny assignment list. + Value []*DenyAssignment +} + +// DenyAssignmentPermission - Deny assignment permissions. +type DenyAssignmentPermission struct { + // Actions to which the deny assignment does not grant access. + Actions []*string + + // The conditions on the Deny assignment permission. This limits the resources it applies to. + Condition *string + + // Version of the condition. + ConditionVersion *string + + // Data actions to which the deny assignment does not grant access. + DataActions []*string + + // Actions to exclude from that the deny assignment does not grant access. + NotActions []*string + + // Data actions to exclude from that the deny assignment does not grant access. + NotDataActions []*string +} + +// DenyAssignmentProperties - Deny assignment properties. +type DenyAssignmentProperties struct { + // The conditions on the deny assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. + ConditionVersion *string + + // The display name of the deny assignment. + DenyAssignmentName *string + + // The description of the deny assignment. + Description *string + + // Determines if the deny assignment applies to child scopes. Default value is false. + DoNotApplyToChildScopes *bool + + // Array of principals to which the deny assignment does not apply. + ExcludePrincipals []*Principal + + // Specifies whether this deny assignment was created by Azure and cannot be edited or deleted. + IsSystemProtected *bool + + // An array of permissions that are denied by the deny assignment. + Permissions []*DenyAssignmentPermission + + // Array of principals to which the deny assignment applies. + Principals []*Principal + + // The deny assignment scope. + Scope *string + + // READ-ONLY; Id of the user who created the assignment + CreatedBy *string + + // READ-ONLY; Time it was created + CreatedOn *time.Time + + // READ-ONLY; Id of the user who updated the assignment + UpdatedBy *string + + // READ-ONLY; Time it was updated + UpdatedOn *time.Time +} + +// DuplicateRoleCreatedAlertConfigurationProperties - The duplicate role created alert configuration. +type DuplicateRoleCreatedAlertConfigurationProperties struct { + // REQUIRED; The alert configuration type. + AlertConfigurationType *string + + // True if the alert is enabled, false will disable the scanning for the specific alert. + IsEnabled *bool + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert definition ID. + AlertDefinitionID *string + + // READ-ONLY; The alert scope. + Scope *string +} + +// GetAlertConfigurationProperties implements the AlertConfigurationPropertiesClassification interface for type DuplicateRoleCreatedAlertConfigurationProperties. +func (d *DuplicateRoleCreatedAlertConfigurationProperties) GetAlertConfigurationProperties() *AlertConfigurationProperties { + return &AlertConfigurationProperties{ + AlertConfigurationType: d.AlertConfigurationType, + AlertDefinition: d.AlertDefinition, + AlertDefinitionID: d.AlertDefinitionID, + IsEnabled: d.IsEnabled, + Scope: d.Scope, + } +} + +// DuplicateRoleCreatedAlertIncidentProperties - Duplicate role created alert incident properties. +type DuplicateRoleCreatedAlertIncidentProperties struct { + // REQUIRED; The alert incident type. + AlertIncidentType *string + + // READ-ONLY; The duplicate roles. + DuplicateRoles *string + + // READ-ONLY; The reason for the incident. + Reason *string + + // READ-ONLY; The role name. + RoleName *string +} + +// GetAlertIncidentProperties implements the AlertIncidentPropertiesClassification interface for type DuplicateRoleCreatedAlertIncidentProperties. +func (d *DuplicateRoleCreatedAlertIncidentProperties) GetAlertIncidentProperties() *AlertIncidentProperties { + return &AlertIncidentProperties{ + AlertIncidentType: d.AlertIncidentType, + } +} + +// EligibleChildResource - Eligible child resource +type EligibleChildResource struct { + // READ-ONLY; The resource scope Id. + ID *string + + // READ-ONLY; The resource name. + Name *string + + // READ-ONLY; The resource type. + Type *string +} + +// EligibleChildResourcesListResult - Eligible child resources list operation result. +type EligibleChildResourcesListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Eligible child resource list. + Value []*EligibleChildResource +} + +// ErrorAdditionalInfo - The resource management error additional info. +type ErrorAdditionalInfo struct { + // READ-ONLY; The additional info. + Info any + + // READ-ONLY; The additional info type. + Type *string +} + +// ErrorDefinition - Error description and code explaining why an operation failed. +type ErrorDefinition struct { + // Error of the list gateway status. + Error *ErrorDefinitionProperties +} + +// ErrorDefinitionProperties - Error description and code explaining why an operation failed. +type ErrorDefinitionProperties struct { + // Error code of list gateway. + Code *string + + // READ-ONLY; Description of the error. + Message *string +} + +// ErrorDetail - The error detail. +type ErrorDetail struct { + // READ-ONLY; The error additional info. + AdditionalInfo []*ErrorAdditionalInfo + + // READ-ONLY; The error code. + Code *string + + // READ-ONLY; The error details. + Details []*ErrorDetail + + // READ-ONLY; The error message. + Message *string + + // READ-ONLY; The error target. + Target *string +} + +// ErrorResponse - Common error response for all Azure Resource Manager APIs to return error details for failed operations. +// (This also follows the OData error response format.). +type ErrorResponse struct { + // The error object. + Error *ErrorDetail +} + +type ExpandedProperties struct { + // Details of the principal + Principal *ExpandedPropertiesPrincipal + + // Details of role definition + RoleDefinition *ExpandedPropertiesRoleDefinition + + // Details of the resource scope + Scope *ExpandedPropertiesScope +} + +// ExpandedPropertiesPrincipal - Details of the principal +type ExpandedPropertiesPrincipal struct { + // Display name of the principal + DisplayName *string + + // Email id of the principal + Email *string + + // Id of the principal + ID *string + + // Type of the principal + Type *string +} + +// ExpandedPropertiesRoleDefinition - Details of role definition +type ExpandedPropertiesRoleDefinition struct { + // Display name of the role definition + DisplayName *string + + // Id of the role definition + ID *string + + // Type of the role definition + Type *string +} + +// ExpandedPropertiesScope - Details of the resource scope +type ExpandedPropertiesScope struct { + // Display name of the resource + DisplayName *string + + // Scope id of the resource + ID *string + + // Type of the resource + Type *string +} + +// Operation - The definition of a Microsoft.Authorization operation. +type Operation struct { + // Display of the operation + Display *OperationDisplay + + // Indicates whether the operation is a data action + IsDataAction *bool + + // Name of the operation + Name *string + + // Origin of the operation + Origin *string +} + +// OperationDisplay - The display information for a Microsoft.Authorization operation. +type OperationDisplay struct { + // READ-ONLY; The description for the operation. + Description *string + + // READ-ONLY; The operation that users can perform. + Operation *string + + // READ-ONLY; The resource provider name: Microsoft.Authorization. + Provider *string + + // READ-ONLY; The resource on which the operation is performed. + Resource *string +} + +// OperationListResult - The result of a request to list Microsoft.Authorization operations. +type OperationListResult struct { + // The URI that can be used to request the next set of paged results. + NextLink *string + + // The collection value. + Value []*Operation +} + +// Permission - Role definition permissions. +type Permission struct { + // Allowed actions. + Actions []*string + + // Allowed Data actions. + DataActions []*string + + // Denied actions. + NotActions []*string + + // Denied Data actions. + NotDataActions []*string + + // READ-ONLY; The conditions on the role definition. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // READ-ONLY; Version of the condition. Currently the only accepted value is '2.0' + ConditionVersion *string +} + +// PermissionGetResult - Permissions information. +type PermissionGetResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // An array of permissions. + Value []*Permission +} + +type PolicyAssignmentProperties struct { + // Details of the policy + Policy *PolicyAssignmentPropertiesPolicy + + // Details of role definition + RoleDefinition *PolicyAssignmentPropertiesRoleDefinition + + // Details of the resource scope + Scope *PolicyAssignmentPropertiesScope +} + +// PolicyAssignmentPropertiesPolicy - Details of the policy +type PolicyAssignmentPropertiesPolicy struct { + // Id of the policy + ID *string + + // The last modified date time. + LastModifiedDateTime *time.Time + + // READ-ONLY; The name of the entity last modified it + LastModifiedBy *Principal +} + +// PolicyAssignmentPropertiesRoleDefinition - Details of role definition +type PolicyAssignmentPropertiesRoleDefinition struct { + // Display name of the role definition + DisplayName *string + + // Id of the role definition + ID *string + + // Type of the role definition + Type *string +} + +// PolicyAssignmentPropertiesScope - Details of the resource scope +type PolicyAssignmentPropertiesScope struct { + // Display name of the resource + DisplayName *string + + // Scope id of the resource + ID *string + + // Type of the resource + Type *string +} + +type PolicyProperties struct { + // READ-ONLY; Details of the resource scope + Scope *PolicyPropertiesScope +} + +// PolicyPropertiesScope - Details of the resource scope +type PolicyPropertiesScope struct { + // Display name of the resource + DisplayName *string + + // Scope id of the resource + ID *string + + // Type of the resource + Type *string +} + +// Principal - The name of the entity last modified it +type Principal struct { + // The name of the principal made changes + DisplayName *string + + // Email of principal + Email *string + + // The id of the principal made changes + ID *string + + // Type of principal such as user , group etc + Type *string +} + +// ProviderOperation - Operation +type ProviderOperation struct { + // The operation description. + Description *string + + // The operation display name. + DisplayName *string + + // The dataAction flag to specify the operation type. + IsDataAction *bool + + // The operation name. + Name *string + + // The operation origin. + Origin *string + + // The operation properties. + Properties any +} + +// ProviderOperationsMetadata - Provider Operations metadata +type ProviderOperationsMetadata struct { + // The provider display name. + DisplayName *string + + // The provider id. + ID *string + + // The provider name. + Name *string + + // The provider operations. + Operations []*ProviderOperation + + // The provider resource types + ResourceTypes []*ResourceType + + // The provider type. + Type *string +} + +// ProviderOperationsMetadataListResult - Provider operations metadata list +type ProviderOperationsMetadataListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // The list of providers. + Value []*ProviderOperationsMetadata +} + +// RecordAllDecisionsProperties - Record All Decisions payload. +type RecordAllDecisionsProperties struct { + // The decision to make. Approvers can take action of Approve/Deny + Decision *RecordAllDecisionsResult + + // Justification provided by approvers for their action + Justification *string + + // READ-ONLY; The id of principal which needs to be approved/denied. + PrincipalID *string + + // READ-ONLY; The id of resource which needs to be approved/denied. + ResourceID *string +} + +// ResourceType - Resource Type +type ResourceType struct { + // The resource type display name. + DisplayName *string + + // The resource type name. + Name *string + + // The resource type operations. + Operations []*ProviderOperation +} + +// RoleAssignment - Role Assignments +type RoleAssignment struct { + // Role assignment properties. + Properties *RoleAssignmentProperties + + // READ-ONLY; The role assignment ID. + ID *string + + // READ-ONLY; The role assignment name. + Name *string + + // READ-ONLY; The role assignment type. + Type *string +} + +// RoleAssignmentCreateParameters - Role assignment create parameters. +type RoleAssignmentCreateParameters struct { + // REQUIRED; Role assignment properties. + Properties *RoleAssignmentProperties +} + +// RoleAssignmentFilter - Role Assignments filter +type RoleAssignmentFilter struct { + // Returns role assignment of the specific principal. + PrincipalID *string +} + +// RoleAssignmentListResult - Role assignment list operation result. +type RoleAssignmentListResult struct { + // Role assignment list. + Value []*RoleAssignment + + // READ-ONLY; The skipToken to use for getting the next set of results. + NextLink *string +} + +// RoleAssignmentProperties - Role assignment properties. +type RoleAssignmentProperties struct { + // REQUIRED; The principal ID. + PrincipalID *string + + // REQUIRED; The role definition ID. + RoleDefinitionID *string + + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently the only accepted value is '2.0' + ConditionVersion *string + + // Id of the delegated managed identity resource + DelegatedManagedIdentityResourceID *string + + // Description of role assignment + Description *string + + // The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // READ-ONLY; Id of the user who created the assignment + CreatedBy *string + + // READ-ONLY; Time it was created + CreatedOn *time.Time + + // READ-ONLY; The role assignment scope. + Scope *string + + // READ-ONLY; Id of the user who updated the assignment + UpdatedBy *string + + // READ-ONLY; Time it was updated + UpdatedOn *time.Time +} + +// RoleAssignmentSchedule - Role Assignment schedule +type RoleAssignmentSchedule struct { + // Role assignment schedule properties. + Properties *RoleAssignmentScheduleProperties + + // READ-ONLY; The role assignment schedule Id. + ID *string + + // READ-ONLY; The role assignment schedule name. + Name *string + + // READ-ONLY; The role assignment schedule type. + Type *string +} + +// RoleAssignmentScheduleFilter - Role assignment schedule filter +type RoleAssignmentScheduleFilter struct { + // Returns role assignment schedule of the specific principal. + PrincipalID *string + + // Returns role assignment schedule of the specific role definition. + RoleDefinitionID *string + + // Returns role assignment schedule instances of the specific status. + Status *string +} + +// RoleAssignmentScheduleInstance - Information about current or upcoming role assignment schedule instance +type RoleAssignmentScheduleInstance struct { + // Role assignment schedule instance properties. + Properties *RoleAssignmentScheduleInstanceProperties + + // READ-ONLY; The role assignment schedule instance ID. + ID *string + + // READ-ONLY; The role assignment schedule instance name. + Name *string + + // READ-ONLY; The role assignment schedule instance type. + Type *string +} + +// RoleAssignmentScheduleInstanceFilter - Role assignment schedule instance filter +type RoleAssignmentScheduleInstanceFilter struct { + // Returns role assignment schedule instances of the specific principal. + PrincipalID *string + + // Returns role assignment schedule instances belonging to a specific role assignment schedule. + RoleAssignmentScheduleID *string + + // Returns role assignment schedule instances of the specific role definition. + RoleDefinitionID *string + + // Returns role assignment schedule instances of the specific status. + Status *string +} + +// RoleAssignmentScheduleInstanceListResult - Role assignment schedule instance list operation result. +type RoleAssignmentScheduleInstanceListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role assignment schedule instance list. + Value []*RoleAssignmentScheduleInstance +} + +// RoleAssignmentScheduleInstanceProperties - Role assignment schedule properties with scope. +type RoleAssignmentScheduleInstanceProperties struct { + // Assignment type of the role assignment schedule + AssignmentType *AssignmentType + + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // DateTime when role assignment schedule was created + CreatedOn *time.Time + + // The endDateTime of the role assignment schedule instance + EndDateTime *time.Time + + // Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // roleEligibilityScheduleId used to activate + LinkedRoleEligibilityScheduleID *string + + // roleEligibilityScheduleInstanceId linked to this roleAssignmentScheduleInstance + LinkedRoleEligibilityScheduleInstanceID *string + + // Membership type of the role assignment schedule + MemberType *MemberType + + // Role Assignment Id in external system + OriginRoleAssignmentID *string + + // The principal ID. + PrincipalID *string + + // The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // Id of the master role assignment schedule + RoleAssignmentScheduleID *string + + // The role definition ID. + RoleDefinitionID *string + + // The role assignment schedule scope. + Scope *string + + // The startDateTime of the role assignment schedule instance + StartDateTime *time.Time + + // The status of the role assignment schedule instance. + Status *Status +} + +// RoleAssignmentScheduleListResult - Role assignment schedule list operation result. +type RoleAssignmentScheduleListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role assignment schedule list. + Value []*RoleAssignmentSchedule +} + +// RoleAssignmentScheduleProperties - Role assignment schedule properties with scope. +type RoleAssignmentScheduleProperties struct { + // Assignment type of the role assignment schedule + AssignmentType *AssignmentType + + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // DateTime when role assignment schedule was created + CreatedOn *time.Time + + // End DateTime when role assignment schedule + EndDateTime *time.Time + + // Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // The id of roleEligibilitySchedule used to activated this roleAssignmentSchedule + LinkedRoleEligibilityScheduleID *string + + // Membership type of the role assignment schedule + MemberType *MemberType + + // The principal ID. + PrincipalID *string + + // The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // The id of roleAssignmentScheduleRequest used to create this roleAssignmentSchedule + RoleAssignmentScheduleRequestID *string + + // The role definition ID. + RoleDefinitionID *string + + // The role assignment schedule scope. + Scope *string + + // Start DateTime when role assignment schedule + StartDateTime *time.Time + + // The status of the role assignment schedule. + Status *Status + + // DateTime when role assignment schedule was modified + UpdatedOn *time.Time +} + +// RoleAssignmentScheduleRequest - Role Assignment schedule request +type RoleAssignmentScheduleRequest struct { + // Role assignment schedule request properties. + Properties *RoleAssignmentScheduleRequestProperties + + // READ-ONLY; The role assignment schedule request ID. + ID *string + + // READ-ONLY; The role assignment schedule request name. + Name *string + + // READ-ONLY; The role assignment schedule request type. + Type *string +} + +// RoleAssignmentScheduleRequestFilter - Role assignment schedule request filter +type RoleAssignmentScheduleRequestFilter struct { + // Returns role assignment requests of the specific principal. + PrincipalID *string + + // Returns role assignment requests created by specific principal. + RequestorID *string + + // Returns role assignment requests of the specific role definition. + RoleDefinitionID *string + + // Returns role assignment requests of specific status. + Status *string +} + +// RoleAssignmentScheduleRequestListResult - Role assignment schedule request list operation result. +type RoleAssignmentScheduleRequestListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role assignment schedule request list. + Value []*RoleAssignmentScheduleRequest +} + +// RoleAssignmentScheduleRequestProperties - Role assignment schedule request properties with scope. +type RoleAssignmentScheduleRequestProperties struct { + // REQUIRED; The principal ID. + PrincipalID *string + + // REQUIRED; The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc + RequestType *RequestType + + // REQUIRED; The role definition ID. + RoleDefinitionID *string + + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // Justification for the role assignment + Justification *string + + // The linked role eligibility schedule id - to activate an eligibility. + LinkedRoleEligibilityScheduleID *string + + // Schedule info of the role assignment schedule + ScheduleInfo *RoleAssignmentScheduleRequestPropertiesScheduleInfo + + // The resultant role assignment schedule id or the role assignment schedule id being updated + TargetRoleAssignmentScheduleID *string + + // The role assignment schedule instance id being updated + TargetRoleAssignmentScheduleInstanceID *string + + // Ticket Info of the role assignment + TicketInfo *RoleAssignmentScheduleRequestPropertiesTicketInfo + + // READ-ONLY; The approvalId of the role assignment schedule request. + ApprovalID *string + + // READ-ONLY; DateTime when role assignment schedule request was created + CreatedOn *time.Time + + // READ-ONLY; Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // READ-ONLY; The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // READ-ONLY; Id of the user who created this request + RequestorID *string + + // READ-ONLY; The role assignment schedule request scope. + Scope *string + + // READ-ONLY; The status of the role assignment schedule request. + Status *Status +} + +// RoleAssignmentScheduleRequestPropertiesScheduleInfo - Schedule info of the role assignment schedule +type RoleAssignmentScheduleRequestPropertiesScheduleInfo struct { + // Expiration of the role assignment schedule + Expiration *RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration + + // Start DateTime of the role assignment schedule. + StartDateTime *time.Time +} + +// RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration - Expiration of the role assignment schedule +type RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration struct { + // Duration of the role assignment schedule in TimeSpan. + Duration *string + + // End DateTime of the role assignment schedule. + EndDateTime *time.Time + + // Type of the role assignment schedule expiration + Type *Type +} + +// RoleAssignmentScheduleRequestPropertiesTicketInfo - Ticket Info of the role assignment +type RoleAssignmentScheduleRequestPropertiesTicketInfo struct { + // Ticket number for the role assignment + TicketNumber *string + + // Ticket system name for the role assignment + TicketSystem *string +} + +// RoleDefinition - Role definition. +type RoleDefinition struct { + // Role definition properties. + Properties *RoleDefinitionProperties + + // READ-ONLY; The role definition ID. + ID *string + + // READ-ONLY; The role definition name. + Name *string + + // READ-ONLY; The role definition type. + Type *string +} + +// RoleDefinitionFilter - Role Definitions filter +type RoleDefinitionFilter struct { + // Returns role definition with the specific name. + RoleName *string + + // Returns role definition with the specific type. + Type *string +} + +// RoleDefinitionListResult - Role definition list operation result. +type RoleDefinitionListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role definition list. + Value []*RoleDefinition +} + +// RoleDefinitionProperties - Role definition properties. +type RoleDefinitionProperties struct { + // Role definition assignable scopes. + AssignableScopes []*string + + // The role definition description. + Description *string + + // Role definition permissions. + Permissions []*Permission + + // The role name. + RoleName *string + + // The role type. + RoleType *string + + // READ-ONLY; Id of the user who created the assignment + CreatedBy *string + + // READ-ONLY; Time it was created + CreatedOn *time.Time + + // READ-ONLY; Id of the user who updated the assignment + UpdatedBy *string + + // READ-ONLY; Time it was updated + UpdatedOn *time.Time +} + +// RoleEligibilitySchedule - Role eligibility schedule +type RoleEligibilitySchedule struct { + // role eligibility schedule properties. + Properties *RoleEligibilityScheduleProperties + + // READ-ONLY; The role eligibility schedule Id. + ID *string + + // READ-ONLY; The role eligibility schedule name. + Name *string + + // READ-ONLY; The role eligibility schedule type. + Type *string +} + +// RoleEligibilityScheduleFilter - Role eligibility schedule filter +type RoleEligibilityScheduleFilter struct { + // Returns role eligibility schedule of the specific principal. + PrincipalID *string + + // Returns role eligibility schedule of the specific role definition. + RoleDefinitionID *string + + // Returns role eligibility schedule of the specific status. + Status *string +} + +// RoleEligibilityScheduleInstance - Information about current or upcoming role eligibility schedule instance +type RoleEligibilityScheduleInstance struct { + // Role eligibility schedule instance properties. + Properties *RoleEligibilityScheduleInstanceProperties + + // READ-ONLY; The role eligibility schedule instance ID. + ID *string + + // READ-ONLY; The role eligibility schedule instance name. + Name *string + + // READ-ONLY; The role eligibility schedule instance type. + Type *string +} + +// RoleEligibilityScheduleInstanceFilter - Role eligibility schedule instance filter +type RoleEligibilityScheduleInstanceFilter struct { + // Returns role eligibility schedule instances of the specific principal. + PrincipalID *string + + // Returns role eligibility schedule instances of the specific role definition. + RoleDefinitionID *string + + // Returns role eligibility schedule instances belonging to a specific role eligibility schedule. + RoleEligibilityScheduleID *string + + // Returns role eligibility schedule instances of the specific status. + Status *string +} + +// RoleEligibilityScheduleInstanceListResult - Role eligibility schedule instance list operation result. +type RoleEligibilityScheduleInstanceListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role eligibility schedule instance list. + Value []*RoleEligibilityScheduleInstance +} + +// RoleEligibilityScheduleInstanceProperties - Role eligibility schedule properties with scope. +type RoleEligibilityScheduleInstanceProperties struct { + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // DateTime when role eligibility schedule was created + CreatedOn *time.Time + + // The endDateTime of the role eligibility schedule instance + EndDateTime *time.Time + + // Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // Membership type of the role eligibility schedule + MemberType *MemberType + + // The principal ID. + PrincipalID *string + + // The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // The role definition ID. + RoleDefinitionID *string + + // Id of the master role eligibility schedule + RoleEligibilityScheduleID *string + + // The role eligibility schedule scope. + Scope *string + + // The startDateTime of the role eligibility schedule instance + StartDateTime *time.Time + + // The status of the role eligibility schedule instance + Status *Status +} + +// RoleEligibilityScheduleListResult - role eligibility schedule list operation result. +type RoleEligibilityScheduleListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // role eligibility schedule list. + Value []*RoleEligibilitySchedule +} + +// RoleEligibilityScheduleProperties - Role eligibility schedule properties with scope. +type RoleEligibilityScheduleProperties struct { + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // DateTime when role eligibility schedule was created + CreatedOn *time.Time + + // End DateTime when role eligibility schedule + EndDateTime *time.Time + + // Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // Membership type of the role eligibility schedule + MemberType *MemberType + + // The principal ID. + PrincipalID *string + + // The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // The role definition ID. + RoleDefinitionID *string + + // The id of roleEligibilityScheduleRequest used to create this roleAssignmentSchedule + RoleEligibilityScheduleRequestID *string + + // The role eligibility schedule scope. + Scope *string + + // Start DateTime when role eligibility schedule + StartDateTime *time.Time + + // The status of the role eligibility schedule. + Status *Status + + // DateTime when role eligibility schedule was modified + UpdatedOn *time.Time +} + +// RoleEligibilityScheduleRequest - Role Eligibility schedule request +type RoleEligibilityScheduleRequest struct { + // Role eligibility schedule request properties. + Properties *RoleEligibilityScheduleRequestProperties + + // READ-ONLY; The role eligibility schedule request ID. + ID *string + + // READ-ONLY; The role eligibility schedule request name. + Name *string + + // READ-ONLY; The role eligibility schedule request type. + Type *string +} + +// RoleEligibilityScheduleRequestFilter - Role eligibility schedule request filter +type RoleEligibilityScheduleRequestFilter struct { + // Returns role eligibility requests of the specific principal. + PrincipalID *string + + // Returns role eligibility requests created by specific principal. + RequestorID *string + + // Returns role eligibility requests of the specific role definition. + RoleDefinitionID *string + + // Returns role eligibility requests of specific status. + Status *string +} + +// RoleEligibilityScheduleRequestListResult - Role eligibility schedule request list operation result. +type RoleEligibilityScheduleRequestListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role eligibility schedule request list. + Value []*RoleEligibilityScheduleRequest +} + +// RoleEligibilityScheduleRequestProperties - Role eligibility schedule request properties with scope. +type RoleEligibilityScheduleRequestProperties struct { + // REQUIRED; The principal ID. + PrincipalID *string + + // REQUIRED; The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc + RequestType *RequestType + + // REQUIRED; The role definition ID. + RoleDefinitionID *string + + // The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] + // StringEqualsIgnoreCase + // 'foostoragecontainer' + Condition *string + + // Version of the condition. Currently accepted value is '2.0' + ConditionVersion *string + + // Justification for the role eligibility + Justification *string + + // Schedule info of the role eligibility schedule + ScheduleInfo *RoleEligibilityScheduleRequestPropertiesScheduleInfo + + // The resultant role eligibility schedule id or the role eligibility schedule id being updated + TargetRoleEligibilityScheduleID *string + + // The role eligibility schedule instance id being updated + TargetRoleEligibilityScheduleInstanceID *string + + // Ticket Info of the role eligibility + TicketInfo *RoleEligibilityScheduleRequestPropertiesTicketInfo + + // READ-ONLY; The approvalId of the role eligibility schedule request. + ApprovalID *string + + // READ-ONLY; DateTime when role eligibility schedule request was created + CreatedOn *time.Time + + // READ-ONLY; Additional properties of principal, scope and role definition + ExpandedProperties *ExpandedProperties + + // READ-ONLY; The principal type of the assigned principal ID. + PrincipalType *PrincipalType + + // READ-ONLY; Id of the user who created this request + RequestorID *string + + // READ-ONLY; The role eligibility schedule request scope. + Scope *string + + // READ-ONLY; The status of the role eligibility schedule request. + Status *Status +} + +// RoleEligibilityScheduleRequestPropertiesScheduleInfo - Schedule info of the role eligibility schedule +type RoleEligibilityScheduleRequestPropertiesScheduleInfo struct { + // Expiration of the role eligibility schedule + Expiration *RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration + + // Start DateTime of the role eligibility schedule. + StartDateTime *time.Time +} + +// RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration - Expiration of the role eligibility schedule +type RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration struct { + // Duration of the role eligibility schedule in TimeSpan. + Duration *string + + // End DateTime of the role eligibility schedule. + EndDateTime *time.Time + + // Type of the role eligibility schedule expiration + Type *Type +} + +// RoleEligibilityScheduleRequestPropertiesTicketInfo - Ticket Info of the role eligibility +type RoleEligibilityScheduleRequestPropertiesTicketInfo struct { + // Ticket number for the role eligibility + TicketNumber *string + + // Ticket system name for the role eligibility + TicketSystem *string +} + +// RoleManagementPolicy - Role management policy +type RoleManagementPolicy struct { + // Role management policy properties. + Properties *RoleManagementPolicyProperties + + // READ-ONLY; The role management policy Id. + ID *string + + // READ-ONLY; The role management policy name. + Name *string + + // READ-ONLY; The role management policy type. + Type *string +} + +// RoleManagementPolicyApprovalRule - The role management policy approval rule. +type RoleManagementPolicyApprovalRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The id of the rule. + ID *string + + // The approval setting + Setting *ApprovalSettings + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyApprovalRule. +func (r *RoleManagementPolicyApprovalRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { + return &RoleManagementPolicyRule{ + ID: r.ID, + RuleType: r.RuleType, + Target: r.Target, + } +} + +// RoleManagementPolicyAssignment - Role management policy +type RoleManagementPolicyAssignment struct { + // Role management policy properties. + Properties *RoleManagementPolicyAssignmentProperties + + // READ-ONLY; The role management policy Id. + ID *string + + // READ-ONLY; The role management policy name. + Name *string + + // READ-ONLY; The role management policy type. + Type *string +} + +// RoleManagementPolicyAssignmentListResult - Role management policy assignment list operation result. +type RoleManagementPolicyAssignmentListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role management policy assignment list. + Value []*RoleManagementPolicyAssignment +} + +// RoleManagementPolicyAssignmentProperties - Role management policy assignment properties with scope. +type RoleManagementPolicyAssignmentProperties struct { + // The policy id role management policy assignment. + PolicyID *string + + // The role definition of management policy assignment. + RoleDefinitionID *string + + // The role management policy scope. + Scope *string + + // READ-ONLY; Additional properties of scope, role definition and policy + PolicyAssignmentProperties *PolicyAssignmentProperties +} + +// RoleManagementPolicyAuthenticationContextRule - The role management policy authentication context rule. +type RoleManagementPolicyAuthenticationContextRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The claim value. + ClaimValue *string + + // The id of the rule. + ID *string + + // The value indicating if rule is enabled. + IsEnabled *bool + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyAuthenticationContextRule. +func (r *RoleManagementPolicyAuthenticationContextRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { + return &RoleManagementPolicyRule{ + ID: r.ID, + RuleType: r.RuleType, + Target: r.Target, + } +} + +// RoleManagementPolicyEnablementRule - The role management policy enablement rule. +type RoleManagementPolicyEnablementRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The list of enabled rules. + EnabledRules []*EnablementRules + + // The id of the rule. + ID *string + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyEnablementRule. +func (r *RoleManagementPolicyEnablementRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { + return &RoleManagementPolicyRule{ + ID: r.ID, + RuleType: r.RuleType, + Target: r.Target, + } +} + +// RoleManagementPolicyExpirationRule - The role management policy expiration rule. +type RoleManagementPolicyExpirationRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The id of the rule. + ID *string + + // The value indicating whether expiration is required. + IsExpirationRequired *bool + + // The maximum duration of expiration in timespan. + MaximumDuration *string + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyExpirationRule. +func (r *RoleManagementPolicyExpirationRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { + return &RoleManagementPolicyRule{ + ID: r.ID, + RuleType: r.RuleType, + Target: r.Target, + } +} + +// RoleManagementPolicyListResult - Role management policy list operation result. +type RoleManagementPolicyListResult struct { + // The URL to use for getting the next set of results. + NextLink *string + + // Role management policy list. + Value []*RoleManagementPolicy +} + +// RoleManagementPolicyNotificationRule - The role management policy notification rule. +type RoleManagementPolicyNotificationRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The id of the rule. + ID *string + + // Determines if the notification will be sent to the recipient type specified in the policy rule. + IsDefaultRecipientsEnabled *bool + + // The notification level. + NotificationLevel *NotificationLevel + + // The list of notification recipients. + NotificationRecipients []*string + + // The type of notification. + NotificationType *NotificationDeliveryMechanism + + // The recipient type. + RecipientType *RecipientType + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyNotificationRule. +func (r *RoleManagementPolicyNotificationRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { + return &RoleManagementPolicyRule{ + ID: r.ID, + RuleType: r.RuleType, + Target: r.Target, + } +} + +// RoleManagementPolicyProperties - Role management policy properties with scope. +type RoleManagementPolicyProperties struct { + // The role management policy description. + Description *string + + // The role management policy display name. + DisplayName *string + + // The role management policy is default policy. + IsOrganizationDefault *bool + + // The rule applied to the policy. + Rules []RoleManagementPolicyRuleClassification + + // The role management policy scope. + Scope *string + + // READ-ONLY; The readonly computed rule applied to the policy. + EffectiveRules []RoleManagementPolicyRuleClassification + + // READ-ONLY; The name of the entity last modified it + LastModifiedBy *Principal + + // READ-ONLY; The last modified date time. + LastModifiedDateTime *time.Time + + // READ-ONLY; Additional properties of scope + PolicyProperties *PolicyProperties +} + +// RoleManagementPolicyRule - The role management policy rule. +type RoleManagementPolicyRule struct { + // REQUIRED; The type of rule + RuleType *RoleManagementPolicyRuleType + + // The id of the rule. + ID *string + + // The target of the current rule. + Target *RoleManagementPolicyRuleTarget +} + +// GetRoleManagementPolicyRule implements the RoleManagementPolicyRuleClassification interface for type RoleManagementPolicyRule. +func (r *RoleManagementPolicyRule) GetRoleManagementPolicyRule() *RoleManagementPolicyRule { return r } + +// RoleManagementPolicyRuleTarget - The role management policy rule target. +type RoleManagementPolicyRuleTarget struct { + // The caller of the setting. + Caller *string + + // The list of enforced settings. + EnforcedSettings []*string + + // The list of inheritable settings. + InheritableSettings []*string + + // The assignment level to which rule is applied. + Level *string + + // The type of operation. + Operations []*string + + // The list of target objects. + TargetObjects []*string +} + +// TooManyOwnersAssignedToResourceAlertConfigurationProperties - Too many owners assigned to resource alert configuration +// properties. +type TooManyOwnersAssignedToResourceAlertConfigurationProperties struct { + // REQUIRED; The alert configuration type. + AlertConfigurationType *string + + // True if the alert is enabled, false will disable the scanning for the specific alert. + IsEnabled *bool + + // The threshold number of owners. + ThresholdNumberOfOwners *int32 + + // The threshold percentage of owners out of all role members. + ThresholdPercentageOfOwnersOutOfAllRoleMembers *int32 + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert definition ID. + AlertDefinitionID *string + + // READ-ONLY; The alert scope. + Scope *string +} + +// GetAlertConfigurationProperties implements the AlertConfigurationPropertiesClassification interface for type TooManyOwnersAssignedToResourceAlertConfigurationProperties. +func (t *TooManyOwnersAssignedToResourceAlertConfigurationProperties) GetAlertConfigurationProperties() *AlertConfigurationProperties { + return &AlertConfigurationProperties{ + AlertConfigurationType: t.AlertConfigurationType, + AlertDefinition: t.AlertDefinition, + AlertDefinitionID: t.AlertDefinitionID, + IsEnabled: t.IsEnabled, + Scope: t.Scope, + } +} + +// TooManyOwnersAssignedToResourceAlertIncidentProperties - Too many owners assigned to resource alert incident properties. +type TooManyOwnersAssignedToResourceAlertIncidentProperties struct { + // REQUIRED; The alert incident type. + AlertIncidentType *string + + // READ-ONLY; The assignee name. + AssigneeName *string + + // READ-ONLY; The assignee type. + AssigneeType *string +} + +// GetAlertIncidentProperties implements the AlertIncidentPropertiesClassification interface for type TooManyOwnersAssignedToResourceAlertIncidentProperties. +func (t *TooManyOwnersAssignedToResourceAlertIncidentProperties) GetAlertIncidentProperties() *AlertIncidentProperties { + return &AlertIncidentProperties{ + AlertIncidentType: t.AlertIncidentType, + } +} + +// TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties - Too many permanent owners assigned to resource alert +// configuration properties. +type TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties struct { + // REQUIRED; The alert configuration type. + AlertConfigurationType *string + + // True if the alert is enabled, false will disable the scanning for the specific alert. + IsEnabled *bool + + // The threshold number of permanent owners. + ThresholdNumberOfPermanentOwners *int32 + + // The threshold percentage of permanent owners out of all owners. + ThresholdPercentageOfPermanentOwnersOutOfAllOwners *int32 + + // READ-ONLY; The alert definition. + AlertDefinition *AlertDefinition + + // READ-ONLY; The alert definition ID. + AlertDefinitionID *string + + // READ-ONLY; The alert scope. + Scope *string +} + +// GetAlertConfigurationProperties implements the AlertConfigurationPropertiesClassification interface for type TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties. +func (t *TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties) GetAlertConfigurationProperties() *AlertConfigurationProperties { + return &AlertConfigurationProperties{ + AlertConfigurationType: t.AlertConfigurationType, + AlertDefinition: t.AlertDefinition, + AlertDefinitionID: t.AlertDefinitionID, + IsEnabled: t.IsEnabled, + Scope: t.Scope, + } +} + +// TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties - Too many permanent owners assigned to resource alert +// incident properties. +type TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties struct { + // REQUIRED; The alert incident type. + AlertIncidentType *string + + // READ-ONLY; The assignee name. + AssigneeName *string + + // READ-ONLY; The assignee type. + AssigneeType *string +} + +// GetAlertIncidentProperties implements the AlertIncidentPropertiesClassification interface for type TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties. +func (t *TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties) GetAlertIncidentProperties() *AlertIncidentProperties { + return &AlertIncidentProperties{ + AlertIncidentType: t.AlertIncidentType, + } +} + +// UserSet - The detail of a user. +type UserSet struct { + // The description of the user. + Description *string + + // The object id of the user. + ID *string + + // The value indicating whether the user is a backup fallback approver + IsBackup *bool + + // The type of user. + UserType *UserType +} + +// ValidationResponse - Validation response +type ValidationResponse struct { + // Failed validation result details + ErrorInfo *ValidationResponseErrorInfo + + // READ-ONLY; Whether or not validation succeeded + IsValid *bool +} + +// ValidationResponseErrorInfo - Failed validation result details +type ValidationResponseErrorInfo struct { + // READ-ONLY; Error code indicating why validation failed + Code *string + + // READ-ONLY; Message indicating why validation failed + Message *string +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models_serde.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models_serde.go new file mode 100644 index 00000000000..2dabcd6dc21 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/models_serde.go @@ -0,0 +1,6097 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "encoding/json" + "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "reflect" +) + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewActorIdentity. +func (a AccessReviewActorIdentity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", a.PrincipalID) + populate(objectMap, "principalName", a.PrincipalName) + populate(objectMap, "principalType", a.PrincipalType) + populate(objectMap, "userPrincipalName", a.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewActorIdentity. +func (a *AccessReviewActorIdentity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &a.PrincipalID) + delete(rawMsg, key) + case "principalName": + err = unpopulate(val, "PrincipalName", &a.PrincipalName) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &a.PrincipalType) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &a.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewContactedReviewer. +func (a AccessReviewContactedReviewer) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewContactedReviewer. +func (a *AccessReviewContactedReviewer) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewContactedReviewerListResult. +func (a AccessReviewContactedReviewerListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewContactedReviewerListResult. +func (a *AccessReviewContactedReviewerListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewContactedReviewerProperties. +func (a AccessReviewContactedReviewerProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "createdDateTime", a.CreatedDateTime) + populate(objectMap, "userDisplayName", a.UserDisplayName) + populate(objectMap, "userPrincipalName", a.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewContactedReviewerProperties. +func (a *AccessReviewContactedReviewerProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdDateTime": + err = unpopulateDateTimeRFC3339(val, "CreatedDateTime", &a.CreatedDateTime) + delete(rawMsg, key) + case "userDisplayName": + err = unpopulate(val, "UserDisplayName", &a.UserDisplayName) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &a.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecision. +func (a AccessReviewDecision) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecision. +func (a *AccessReviewDecision) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionIdentity. +func (a AccessReviewDecisionIdentity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "id", a.ID) + objectMap["type"] = a.Type + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionIdentity. +func (a *AccessReviewDecisionIdentity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionInsight. +func (a AccessReviewDecisionInsight) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionInsight. +func (a *AccessReviewDecisionInsight) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + a.Properties, err = unmarshalAccessReviewDecisionInsightPropertiesClassification(val) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionInsightProperties. +func (a AccessReviewDecisionInsightProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateAny(objectMap, "insightCreatedDateTime", a.InsightCreatedDateTime) + objectMap["type"] = a.Type + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionInsightProperties. +func (a *AccessReviewDecisionInsightProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "insightCreatedDateTime": + err = unpopulate(val, "InsightCreatedDateTime", &a.InsightCreatedDateTime) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionListResult. +func (a AccessReviewDecisionListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionListResult. +func (a *AccessReviewDecisionListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionPrincipalResourceMembership. +func (a AccessReviewDecisionPrincipalResourceMembership) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "membershipTypes", a.MembershipTypes) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionPrincipalResourceMembership. +func (a *AccessReviewDecisionPrincipalResourceMembership) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "membershipTypes": + err = unpopulate(val, "MembershipTypes", &a.MembershipTypes) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionProperties. +func (a AccessReviewDecisionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "appliedBy", a.AppliedBy) + populateDateTimeRFC3339(objectMap, "appliedDateTime", a.AppliedDateTime) + populate(objectMap, "applyResult", a.ApplyResult) + populate(objectMap, "decision", a.Decision) + populate(objectMap, "insights", a.Insights) + populate(objectMap, "justification", a.Justification) + populate(objectMap, "principal", a.Principal) + populate(objectMap, "principalResourceMembership", a.PrincipalResourceMembership) + populate(objectMap, "recommendation", a.Recommendation) + populate(objectMap, "resource", a.Resource) + populate(objectMap, "reviewedBy", a.ReviewedBy) + populateDateTimeRFC3339(objectMap, "reviewedDateTime", a.ReviewedDateTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionProperties. +func (a *AccessReviewDecisionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "appliedBy": + err = unpopulate(val, "AppliedBy", &a.AppliedBy) + delete(rawMsg, key) + case "appliedDateTime": + err = unpopulateDateTimeRFC3339(val, "AppliedDateTime", &a.AppliedDateTime) + delete(rawMsg, key) + case "applyResult": + err = unpopulate(val, "ApplyResult", &a.ApplyResult) + delete(rawMsg, key) + case "decision": + err = unpopulate(val, "Decision", &a.Decision) + delete(rawMsg, key) + case "insights": + err = unpopulate(val, "Insights", &a.Insights) + delete(rawMsg, key) + case "justification": + err = unpopulate(val, "Justification", &a.Justification) + delete(rawMsg, key) + case "principal": + a.Principal, err = unmarshalAccessReviewDecisionIdentityClassification(val) + delete(rawMsg, key) + case "principalResourceMembership": + err = unpopulate(val, "PrincipalResourceMembership", &a.PrincipalResourceMembership) + delete(rawMsg, key) + case "recommendation": + err = unpopulate(val, "Recommendation", &a.Recommendation) + delete(rawMsg, key) + case "resource": + err = unpopulate(val, "Resource", &a.Resource) + delete(rawMsg, key) + case "reviewedBy": + err = unpopulate(val, "ReviewedBy", &a.ReviewedBy) + delete(rawMsg, key) + case "reviewedDateTime": + err = unpopulateDateTimeRFC3339(val, "ReviewedDateTime", &a.ReviewedDateTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionResource. +func (a AccessReviewDecisionResource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "id", a.ID) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionResource. +func (a *AccessReviewDecisionResource) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionServicePrincipalIdentity. +func (a AccessReviewDecisionServicePrincipalIdentity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "appId", a.AppID) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "id", a.ID) + objectMap["type"] = DecisionTargetTypeServicePrincipal + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionServicePrincipalIdentity. +func (a *AccessReviewDecisionServicePrincipalIdentity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "appId": + err = unpopulate(val, "AppID", &a.AppID) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionUserIdentity. +func (a AccessReviewDecisionUserIdentity) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "id", a.ID) + objectMap["type"] = DecisionTargetTypeUser + populate(objectMap, "userPrincipalName", a.UserPrincipalName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionUserIdentity. +func (a *AccessReviewDecisionUserIdentity) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + case "userPrincipalName": + err = unpopulate(val, "UserPrincipalName", &a.UserPrincipalName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDecisionUserSignInInsightProperties. +func (a AccessReviewDecisionUserSignInInsightProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateAny(objectMap, "insightCreatedDateTime", a.InsightCreatedDateTime) + populateAny(objectMap, "lastSignInDateTime", a.LastSignInDateTime) + objectMap["type"] = AccessReviewDecisionInsightTypeUserSignInInsight + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDecisionUserSignInInsightProperties. +func (a *AccessReviewDecisionUserSignInInsightProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "insightCreatedDateTime": + err = unpopulate(val, "InsightCreatedDateTime", &a.InsightCreatedDateTime) + delete(rawMsg, key) + case "lastSignInDateTime": + err = unpopulate(val, "LastSignInDateTime", &a.LastSignInDateTime) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewDefaultSettings. +func (a AccessReviewDefaultSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewDefaultSettings. +func (a *AccessReviewDefaultSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryDefinition. +func (a AccessReviewHistoryDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryDefinition. +func (a *AccessReviewHistoryDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryDefinitionInstanceListResult. +func (a AccessReviewHistoryDefinitionInstanceListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryDefinitionInstanceListResult. +func (a *AccessReviewHistoryDefinitionInstanceListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryDefinitionListResult. +func (a AccessReviewHistoryDefinitionListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryDefinitionListResult. +func (a *AccessReviewHistoryDefinitionListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryDefinitionProperties. +func (a AccessReviewHistoryDefinitionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "createdBy", a.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdDateTime", a.CreatedDateTime) + populate(objectMap, "decisions", a.Decisions) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "instances", a.Instances) + populateDateTimeRFC3339(objectMap, "reviewHistoryPeriodEndDateTime", a.ReviewHistoryPeriodEndDateTime) + populateDateTimeRFC3339(objectMap, "reviewHistoryPeriodStartDateTime", a.ReviewHistoryPeriodStartDateTime) + populate(objectMap, "scopes", a.Scopes) + populate(objectMap, "settings", a.Settings) + populate(objectMap, "status", a.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryDefinitionProperties. +func (a *AccessReviewHistoryDefinitionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdBy": + err = unpopulate(val, "CreatedBy", &a.CreatedBy) + delete(rawMsg, key) + case "createdDateTime": + err = unpopulateDateTimeRFC3339(val, "CreatedDateTime", &a.CreatedDateTime) + delete(rawMsg, key) + case "decisions": + err = unpopulate(val, "Decisions", &a.Decisions) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "instances": + err = unpopulate(val, "Instances", &a.Instances) + delete(rawMsg, key) + case "reviewHistoryPeriodEndDateTime": + err = unpopulateDateTimeRFC3339(val, "ReviewHistoryPeriodEndDateTime", &a.ReviewHistoryPeriodEndDateTime) + delete(rawMsg, key) + case "reviewHistoryPeriodStartDateTime": + err = unpopulateDateTimeRFC3339(val, "ReviewHistoryPeriodStartDateTime", &a.ReviewHistoryPeriodStartDateTime) + delete(rawMsg, key) + case "scopes": + err = unpopulate(val, "Scopes", &a.Scopes) + delete(rawMsg, key) + case "settings": + err = unpopulate(val, "Settings", &a.Settings) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &a.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryInstance. +func (a AccessReviewHistoryInstance) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryInstance. +func (a *AccessReviewHistoryInstance) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryInstanceProperties. +func (a AccessReviewHistoryInstanceProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "downloadUri", a.DownloadURI) + populateDateTimeRFC3339(objectMap, "expiration", a.Expiration) + populateDateTimeRFC3339(objectMap, "fulfilledDateTime", a.FulfilledDateTime) + populateDateTimeRFC3339(objectMap, "reviewHistoryPeriodEndDateTime", a.ReviewHistoryPeriodEndDateTime) + populateDateTimeRFC3339(objectMap, "reviewHistoryPeriodStartDateTime", a.ReviewHistoryPeriodStartDateTime) + populateDateTimeRFC3339(objectMap, "runDateTime", a.RunDateTime) + populate(objectMap, "status", a.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryInstanceProperties. +func (a *AccessReviewHistoryInstanceProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "downloadUri": + err = unpopulate(val, "DownloadURI", &a.DownloadURI) + delete(rawMsg, key) + case "expiration": + err = unpopulateDateTimeRFC3339(val, "Expiration", &a.Expiration) + delete(rawMsg, key) + case "fulfilledDateTime": + err = unpopulateDateTimeRFC3339(val, "FulfilledDateTime", &a.FulfilledDateTime) + delete(rawMsg, key) + case "reviewHistoryPeriodEndDateTime": + err = unpopulateDateTimeRFC3339(val, "ReviewHistoryPeriodEndDateTime", &a.ReviewHistoryPeriodEndDateTime) + delete(rawMsg, key) + case "reviewHistoryPeriodStartDateTime": + err = unpopulateDateTimeRFC3339(val, "ReviewHistoryPeriodStartDateTime", &a.ReviewHistoryPeriodStartDateTime) + delete(rawMsg, key) + case "runDateTime": + err = unpopulateDateTimeRFC3339(val, "RunDateTime", &a.RunDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &a.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewHistoryScheduleSettings. +func (a AccessReviewHistoryScheduleSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pattern", a.Pattern) + populate(objectMap, "range", a.Range) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewHistoryScheduleSettings. +func (a *AccessReviewHistoryScheduleSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pattern": + err = unpopulate(val, "Pattern", &a.Pattern) + delete(rawMsg, key) + case "range": + err = unpopulate(val, "Range", &a.Range) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewInstance. +func (a AccessReviewInstance) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewInstance. +func (a *AccessReviewInstance) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewInstanceListResult. +func (a AccessReviewInstanceListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewInstanceListResult. +func (a *AccessReviewInstanceListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewInstanceProperties. +func (a AccessReviewInstanceProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "backupReviewers", a.BackupReviewers) + populateDateTimeRFC3339(objectMap, "endDateTime", a.EndDateTime) + populate(objectMap, "reviewers", a.Reviewers) + populate(objectMap, "reviewersType", a.ReviewersType) + populateDateTimeRFC3339(objectMap, "startDateTime", a.StartDateTime) + populate(objectMap, "status", a.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewInstanceProperties. +func (a *AccessReviewInstanceProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "backupReviewers": + err = unpopulate(val, "BackupReviewers", &a.BackupReviewers) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &a.EndDateTime) + delete(rawMsg, key) + case "reviewers": + err = unpopulate(val, "Reviewers", &a.Reviewers) + delete(rawMsg, key) + case "reviewersType": + err = unpopulate(val, "ReviewersType", &a.ReviewersType) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &a.StartDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &a.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewRecurrencePattern. +func (a AccessReviewRecurrencePattern) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "interval", a.Interval) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewRecurrencePattern. +func (a *AccessReviewRecurrencePattern) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "interval": + err = unpopulate(val, "Interval", &a.Interval) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewRecurrenceRange. +func (a AccessReviewRecurrenceRange) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "endDate", a.EndDate) + populate(objectMap, "numberOfOccurrences", a.NumberOfOccurrences) + populateDateTimeRFC3339(objectMap, "startDate", a.StartDate) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewRecurrenceRange. +func (a *AccessReviewRecurrenceRange) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "endDate": + err = unpopulateDateTimeRFC3339(val, "EndDate", &a.EndDate) + delete(rawMsg, key) + case "numberOfOccurrences": + err = unpopulate(val, "NumberOfOccurrences", &a.NumberOfOccurrences) + delete(rawMsg, key) + case "startDate": + err = unpopulateDateTimeRFC3339(val, "StartDate", &a.StartDate) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewRecurrenceSettings. +func (a AccessReviewRecurrenceSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "pattern", a.Pattern) + populate(objectMap, "range", a.Range) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewRecurrenceSettings. +func (a *AccessReviewRecurrenceSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "pattern": + err = unpopulate(val, "Pattern", &a.Pattern) + delete(rawMsg, key) + case "range": + err = unpopulate(val, "Range", &a.Range) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewReviewer. +func (a AccessReviewReviewer) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", a.PrincipalID) + populate(objectMap, "principalType", a.PrincipalType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewReviewer. +func (a *AccessReviewReviewer) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &a.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &a.PrincipalType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewScheduleDefinition. +func (a AccessReviewScheduleDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewScheduleDefinition. +func (a *AccessReviewScheduleDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewScheduleDefinitionListResult. +func (a AccessReviewScheduleDefinitionListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewScheduleDefinitionListResult. +func (a *AccessReviewScheduleDefinitionListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewScheduleDefinitionProperties. +func (a AccessReviewScheduleDefinitionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "backupReviewers", a.BackupReviewers) + populate(objectMap, "createdBy", a.CreatedBy) + populate(objectMap, "descriptionForAdmins", a.DescriptionForAdmins) + populate(objectMap, "descriptionForReviewers", a.DescriptionForReviewers) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "instances", a.Instances) + populate(objectMap, "reviewers", a.Reviewers) + populate(objectMap, "reviewersType", a.ReviewersType) + populate(objectMap, "scope", a.Scope) + populate(objectMap, "settings", a.Settings) + populate(objectMap, "status", a.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewScheduleDefinitionProperties. +func (a *AccessReviewScheduleDefinitionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "backupReviewers": + err = unpopulate(val, "BackupReviewers", &a.BackupReviewers) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &a.CreatedBy) + delete(rawMsg, key) + case "descriptionForAdmins": + err = unpopulate(val, "DescriptionForAdmins", &a.DescriptionForAdmins) + delete(rawMsg, key) + case "descriptionForReviewers": + err = unpopulate(val, "DescriptionForReviewers", &a.DescriptionForReviewers) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "instances": + err = unpopulate(val, "Instances", &a.Instances) + delete(rawMsg, key) + case "reviewers": + err = unpopulate(val, "Reviewers", &a.Reviewers) + delete(rawMsg, key) + case "reviewersType": + err = unpopulate(val, "ReviewersType", &a.ReviewersType) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &a.Scope) + delete(rawMsg, key) + case "settings": + err = unpopulate(val, "Settings", &a.Settings) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &a.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewScheduleSettings. +func (a AccessReviewScheduleSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "autoApplyDecisionsEnabled", a.AutoApplyDecisionsEnabled) + populate(objectMap, "defaultDecision", a.DefaultDecision) + populate(objectMap, "defaultDecisionEnabled", a.DefaultDecisionEnabled) + populate(objectMap, "instanceDurationInDays", a.InstanceDurationInDays) + populate(objectMap, "justificationRequiredOnApproval", a.JustificationRequiredOnApproval) + populate(objectMap, "mailNotificationsEnabled", a.MailNotificationsEnabled) + populate(objectMap, "recommendationLookBackDuration", a.RecommendationLookBackDuration) + populate(objectMap, "recommendationsEnabled", a.RecommendationsEnabled) + populate(objectMap, "recurrence", a.Recurrence) + populate(objectMap, "reminderNotificationsEnabled", a.ReminderNotificationsEnabled) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewScheduleSettings. +func (a *AccessReviewScheduleSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "autoApplyDecisionsEnabled": + err = unpopulate(val, "AutoApplyDecisionsEnabled", &a.AutoApplyDecisionsEnabled) + delete(rawMsg, key) + case "defaultDecision": + err = unpopulate(val, "DefaultDecision", &a.DefaultDecision) + delete(rawMsg, key) + case "defaultDecisionEnabled": + err = unpopulate(val, "DefaultDecisionEnabled", &a.DefaultDecisionEnabled) + delete(rawMsg, key) + case "instanceDurationInDays": + err = unpopulate(val, "InstanceDurationInDays", &a.InstanceDurationInDays) + delete(rawMsg, key) + case "justificationRequiredOnApproval": + err = unpopulate(val, "JustificationRequiredOnApproval", &a.JustificationRequiredOnApproval) + delete(rawMsg, key) + case "mailNotificationsEnabled": + err = unpopulate(val, "MailNotificationsEnabled", &a.MailNotificationsEnabled) + delete(rawMsg, key) + case "recommendationLookBackDuration": + err = unpopulate(val, "RecommendationLookBackDuration", &a.RecommendationLookBackDuration) + delete(rawMsg, key) + case "recommendationsEnabled": + err = unpopulate(val, "RecommendationsEnabled", &a.RecommendationsEnabled) + delete(rawMsg, key) + case "recurrence": + err = unpopulate(val, "Recurrence", &a.Recurrence) + delete(rawMsg, key) + case "reminderNotificationsEnabled": + err = unpopulate(val, "ReminderNotificationsEnabled", &a.ReminderNotificationsEnabled) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AccessReviewScope. +func (a AccessReviewScope) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignmentState", a.AssignmentState) + populate(objectMap, "excludeResourceId", a.ExcludeResourceID) + populate(objectMap, "excludeRoleDefinitionId", a.ExcludeRoleDefinitionID) + populate(objectMap, "expandNestedMemberships", a.ExpandNestedMemberships) + populate(objectMap, "inactiveDuration", a.InactiveDuration) + populate(objectMap, "includeAccessBelowResource", a.IncludeAccessBelowResource) + populate(objectMap, "includeInheritedAccess", a.IncludeInheritedAccess) + populate(objectMap, "principalType", a.PrincipalType) + populate(objectMap, "resourceId", a.ResourceID) + populate(objectMap, "roleDefinitionId", a.RoleDefinitionID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AccessReviewScope. +func (a *AccessReviewScope) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignmentState": + err = unpopulate(val, "AssignmentState", &a.AssignmentState) + delete(rawMsg, key) + case "excludeResourceId": + err = unpopulate(val, "ExcludeResourceID", &a.ExcludeResourceID) + delete(rawMsg, key) + case "excludeRoleDefinitionId": + err = unpopulate(val, "ExcludeRoleDefinitionID", &a.ExcludeRoleDefinitionID) + delete(rawMsg, key) + case "expandNestedMemberships": + err = unpopulate(val, "ExpandNestedMemberships", &a.ExpandNestedMemberships) + delete(rawMsg, key) + case "inactiveDuration": + err = unpopulate(val, "InactiveDuration", &a.InactiveDuration) + delete(rawMsg, key) + case "includeAccessBelowResource": + err = unpopulate(val, "IncludeAccessBelowResource", &a.IncludeAccessBelowResource) + delete(rawMsg, key) + case "includeInheritedAccess": + err = unpopulate(val, "IncludeInheritedAccess", &a.IncludeInheritedAccess) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &a.PrincipalType) + delete(rawMsg, key) + case "resourceId": + err = unpopulate(val, "ResourceID", &a.ResourceID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &a.RoleDefinitionID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Alert. +func (a Alert) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Alert. +func (a *Alert) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertConfiguration. +func (a AlertConfiguration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertConfiguration. +func (a *AlertConfiguration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + a.Properties, err = unmarshalAlertConfigurationPropertiesClassification(val) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertConfigurationListResult. +func (a AlertConfigurationListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertConfigurationListResult. +func (a *AlertConfigurationListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertConfigurationProperties. +func (a AlertConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertConfigurationType"] = a.AlertConfigurationType + populate(objectMap, "alertDefinition", a.AlertDefinition) + populate(objectMap, "alertDefinitionId", a.AlertDefinitionID) + populate(objectMap, "isEnabled", a.IsEnabled) + populate(objectMap, "scope", a.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertConfigurationProperties. +func (a *AlertConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfigurationType": + err = unpopulate(val, "AlertConfigurationType", &a.AlertConfigurationType) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &a.AlertDefinition) + delete(rawMsg, key) + case "alertDefinitionId": + err = unpopulate(val, "AlertDefinitionID", &a.AlertDefinitionID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &a.IsEnabled) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &a.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertDefinition. +func (a AlertDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertDefinition. +func (a *AlertDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &a.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertDefinitionListResult. +func (a AlertDefinitionListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertDefinitionListResult. +func (a *AlertDefinitionListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertDefinitionProperties. +func (a AlertDefinitionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", a.Description) + populate(objectMap, "displayName", a.DisplayName) + populate(objectMap, "howToPrevent", a.HowToPrevent) + populate(objectMap, "isConfigurable", a.IsConfigurable) + populate(objectMap, "isRemediatable", a.IsRemediatable) + populate(objectMap, "mitigationSteps", a.MitigationSteps) + populate(objectMap, "scope", a.Scope) + populate(objectMap, "securityImpact", a.SecurityImpact) + populate(objectMap, "severityLevel", a.SeverityLevel) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertDefinitionProperties. +func (a *AlertDefinitionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &a.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &a.DisplayName) + delete(rawMsg, key) + case "howToPrevent": + err = unpopulate(val, "HowToPrevent", &a.HowToPrevent) + delete(rawMsg, key) + case "isConfigurable": + err = unpopulate(val, "IsConfigurable", &a.IsConfigurable) + delete(rawMsg, key) + case "isRemediatable": + err = unpopulate(val, "IsRemediatable", &a.IsRemediatable) + delete(rawMsg, key) + case "mitigationSteps": + err = unpopulate(val, "MitigationSteps", &a.MitigationSteps) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &a.Scope) + delete(rawMsg, key) + case "securityImpact": + err = unpopulate(val, "SecurityImpact", &a.SecurityImpact) + delete(rawMsg, key) + case "severityLevel": + err = unpopulate(val, "SeverityLevel", &a.SeverityLevel) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertIncident. +func (a AlertIncident) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", a.ID) + populate(objectMap, "name", a.Name) + populate(objectMap, "properties", a.Properties) + populate(objectMap, "type", a.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertIncident. +func (a *AlertIncident) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &a.Name) + delete(rawMsg, key) + case "properties": + a.Properties, err = unmarshalAlertIncidentPropertiesClassification(val) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &a.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertIncidentListResult. +func (a AlertIncidentListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertIncidentListResult. +func (a *AlertIncidentListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertIncidentProperties. +func (a AlertIncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertIncidentType"] = a.AlertIncidentType + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertIncidentProperties. +func (a *AlertIncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertIncidentType": + err = unpopulate(val, "AlertIncidentType", &a.AlertIncidentType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertListResult. +func (a AlertListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", a.NextLink) + populate(objectMap, "value", a.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertListResult. +func (a *AlertListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &a.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &a.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertOperationResult. +func (a AlertOperationResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateDateTimeRFC3339(objectMap, "createdDateTime", a.CreatedDateTime) + populate(objectMap, "id", a.ID) + populateDateTimeRFC3339(objectMap, "lastActionDateTime", a.LastActionDateTime) + populate(objectMap, "resourceLocation", a.ResourceLocation) + populate(objectMap, "status", a.Status) + populate(objectMap, "statusDetail", a.StatusDetail) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertOperationResult. +func (a *AlertOperationResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "createdDateTime": + err = unpopulateDateTimeRFC3339(val, "CreatedDateTime", &a.CreatedDateTime) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &a.ID) + delete(rawMsg, key) + case "lastActionDateTime": + err = unpopulateDateTimeRFC3339(val, "LastActionDateTime", &a.LastActionDateTime) + delete(rawMsg, key) + case "resourceLocation": + err = unpopulate(val, "ResourceLocation", &a.ResourceLocation) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &a.Status) + delete(rawMsg, key) + case "statusDetail": + err = unpopulate(val, "StatusDetail", &a.StatusDetail) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AlertProperties. +func (a AlertProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "alertConfiguration", a.AlertConfiguration) + populate(objectMap, "alertDefinition", a.AlertDefinition) + populate(objectMap, "alertIncidents", a.AlertIncidents) + populate(objectMap, "incidentCount", a.IncidentCount) + populate(objectMap, "isActive", a.IsActive) + populateDateTimeRFC3339(objectMap, "lastModifiedDateTime", a.LastModifiedDateTime) + populateDateTimeRFC3339(objectMap, "lastScannedDateTime", a.LastScannedDateTime) + populate(objectMap, "scope", a.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AlertProperties. +func (a *AlertProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfiguration": + err = unpopulate(val, "AlertConfiguration", &a.AlertConfiguration) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &a.AlertDefinition) + delete(rawMsg, key) + case "alertIncidents": + err = unpopulate(val, "AlertIncidents", &a.AlertIncidents) + delete(rawMsg, key) + case "incidentCount": + err = unpopulate(val, "IncidentCount", &a.IncidentCount) + delete(rawMsg, key) + case "isActive": + err = unpopulate(val, "IsActive", &a.IsActive) + delete(rawMsg, key) + case "lastModifiedDateTime": + err = unpopulateDateTimeRFC3339(val, "LastModifiedDateTime", &a.LastModifiedDateTime) + delete(rawMsg, key) + case "lastScannedDateTime": + err = unpopulateDateTimeRFC3339(val, "LastScannedDateTime", &a.LastScannedDateTime) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &a.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ApprovalSettings. +func (a ApprovalSettings) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "approvalMode", a.ApprovalMode) + populate(objectMap, "approvalStages", a.ApprovalStages) + populate(objectMap, "isApprovalRequired", a.IsApprovalRequired) + populate(objectMap, "isApprovalRequiredForExtension", a.IsApprovalRequiredForExtension) + populate(objectMap, "isRequestorJustificationRequired", a.IsRequestorJustificationRequired) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ApprovalSettings. +func (a *ApprovalSettings) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "approvalMode": + err = unpopulate(val, "ApprovalMode", &a.ApprovalMode) + delete(rawMsg, key) + case "approvalStages": + err = unpopulate(val, "ApprovalStages", &a.ApprovalStages) + delete(rawMsg, key) + case "isApprovalRequired": + err = unpopulate(val, "IsApprovalRequired", &a.IsApprovalRequired) + delete(rawMsg, key) + case "isApprovalRequiredForExtension": + err = unpopulate(val, "IsApprovalRequiredForExtension", &a.IsApprovalRequiredForExtension) + delete(rawMsg, key) + case "isRequestorJustificationRequired": + err = unpopulate(val, "IsRequestorJustificationRequired", &a.IsRequestorJustificationRequired) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ApprovalStage. +func (a ApprovalStage) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "approvalStageTimeOutInDays", a.ApprovalStageTimeOutInDays) + populate(objectMap, "escalationApprovers", a.EscalationApprovers) + populate(objectMap, "escalationTimeInMinutes", a.EscalationTimeInMinutes) + populate(objectMap, "isApproverJustificationRequired", a.IsApproverJustificationRequired) + populate(objectMap, "isEscalationEnabled", a.IsEscalationEnabled) + populate(objectMap, "primaryApprovers", a.PrimaryApprovers) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ApprovalStage. +func (a *ApprovalStage) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "approvalStageTimeOutInDays": + err = unpopulate(val, "ApprovalStageTimeOutInDays", &a.ApprovalStageTimeOutInDays) + delete(rawMsg, key) + case "escalationApprovers": + err = unpopulate(val, "EscalationApprovers", &a.EscalationApprovers) + delete(rawMsg, key) + case "escalationTimeInMinutes": + err = unpopulate(val, "EscalationTimeInMinutes", &a.EscalationTimeInMinutes) + delete(rawMsg, key) + case "isApproverJustificationRequired": + err = unpopulate(val, "IsApproverJustificationRequired", &a.IsApproverJustificationRequired) + delete(rawMsg, key) + case "isEscalationEnabled": + err = unpopulate(val, "IsEscalationEnabled", &a.IsEscalationEnabled) + delete(rawMsg, key) + case "primaryApprovers": + err = unpopulate(val, "PrimaryApprovers", &a.PrimaryApprovers) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AzureRolesAssignedOutsidePimAlertConfigurationProperties. +func (a AzureRolesAssignedOutsidePimAlertConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertConfigurationType"] = "AzureRolesAssignedOutsidePimAlertConfiguration" + populate(objectMap, "alertDefinition", a.AlertDefinition) + populate(objectMap, "alertDefinitionId", a.AlertDefinitionID) + populate(objectMap, "isEnabled", a.IsEnabled) + populate(objectMap, "scope", a.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AzureRolesAssignedOutsidePimAlertConfigurationProperties. +func (a *AzureRolesAssignedOutsidePimAlertConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfigurationType": + err = unpopulate(val, "AlertConfigurationType", &a.AlertConfigurationType) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &a.AlertDefinition) + delete(rawMsg, key) + case "alertDefinitionId": + err = unpopulate(val, "AlertDefinitionID", &a.AlertDefinitionID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &a.IsEnabled) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &a.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type AzureRolesAssignedOutsidePimAlertIncidentProperties. +func (a AzureRolesAssignedOutsidePimAlertIncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertIncidentType"] = "AzureRolesAssignedOutsidePimAlertIncident" + populate(objectMap, "assigneeDisplayName", a.AssigneeDisplayName) + populate(objectMap, "assigneeId", a.AssigneeID) + populate(objectMap, "assigneeUserPrincipalName", a.AssigneeUserPrincipalName) + populateDateTimeRFC3339(objectMap, "assignmentActivatedDate", a.AssignmentActivatedDate) + populate(objectMap, "requestorDisplayName", a.RequestorDisplayName) + populate(objectMap, "requestorId", a.RequestorID) + populate(objectMap, "requestorUserPrincipalName", a.RequestorUserPrincipalName) + populate(objectMap, "roleDefinitionId", a.RoleDefinitionID) + populate(objectMap, "roleDisplayName", a.RoleDisplayName) + populate(objectMap, "roleTemplateId", a.RoleTemplateID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type AzureRolesAssignedOutsidePimAlertIncidentProperties. +func (a *AzureRolesAssignedOutsidePimAlertIncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertIncidentType": + err = unpopulate(val, "AlertIncidentType", &a.AlertIncidentType) + delete(rawMsg, key) + case "assigneeDisplayName": + err = unpopulate(val, "AssigneeDisplayName", &a.AssigneeDisplayName) + delete(rawMsg, key) + case "assigneeId": + err = unpopulate(val, "AssigneeID", &a.AssigneeID) + delete(rawMsg, key) + case "assigneeUserPrincipalName": + err = unpopulate(val, "AssigneeUserPrincipalName", &a.AssigneeUserPrincipalName) + delete(rawMsg, key) + case "assignmentActivatedDate": + err = unpopulateDateTimeRFC3339(val, "AssignmentActivatedDate", &a.AssignmentActivatedDate) + delete(rawMsg, key) + case "requestorDisplayName": + err = unpopulate(val, "RequestorDisplayName", &a.RequestorDisplayName) + delete(rawMsg, key) + case "requestorId": + err = unpopulate(val, "RequestorID", &a.RequestorID) + delete(rawMsg, key) + case "requestorUserPrincipalName": + err = unpopulate(val, "RequestorUserPrincipalName", &a.RequestorUserPrincipalName) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &a.RoleDefinitionID) + delete(rawMsg, key) + case "roleDisplayName": + err = unpopulate(val, "RoleDisplayName", &a.RoleDisplayName) + delete(rawMsg, key) + case "roleTemplateId": + err = unpopulate(val, "RoleTemplateID", &a.RoleTemplateID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", a, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ClassicAdministrator. +func (c ClassicAdministrator) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", c.ID) + populate(objectMap, "name", c.Name) + populate(objectMap, "properties", c.Properties) + populate(objectMap, "type", c.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ClassicAdministrator. +func (c *ClassicAdministrator) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &c.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &c.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &c.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &c.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ClassicAdministratorListResult. +func (c ClassicAdministratorListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", c.NextLink) + populate(objectMap, "value", c.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ClassicAdministratorListResult. +func (c *ClassicAdministratorListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &c.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &c.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ClassicAdministratorProperties. +func (c ClassicAdministratorProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "emailAddress", c.EmailAddress) + populate(objectMap, "role", c.Role) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ClassicAdministratorProperties. +func (c *ClassicAdministratorProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "emailAddress": + err = unpopulate(val, "EmailAddress", &c.EmailAddress) + delete(rawMsg, key) + case "role": + err = unpopulate(val, "Role", &c.Role) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", c, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DenyAssignment. +func (d DenyAssignment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", d.ID) + populate(objectMap, "name", d.Name) + populate(objectMap, "properties", d.Properties) + populate(objectMap, "type", d.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DenyAssignment. +func (d *DenyAssignment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &d.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &d.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &d.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &d.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DenyAssignmentFilter. +func (d DenyAssignmentFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "denyAssignmentName", d.DenyAssignmentName) + populate(objectMap, "gdprExportPrincipalId", d.GdprExportPrincipalID) + populate(objectMap, "principalId", d.PrincipalID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DenyAssignmentFilter. +func (d *DenyAssignmentFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "denyAssignmentName": + err = unpopulate(val, "DenyAssignmentName", &d.DenyAssignmentName) + delete(rawMsg, key) + case "gdprExportPrincipalId": + err = unpopulate(val, "GdprExportPrincipalID", &d.GdprExportPrincipalID) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &d.PrincipalID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DenyAssignmentListResult. +func (d DenyAssignmentListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", d.NextLink) + populate(objectMap, "value", d.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DenyAssignmentListResult. +func (d *DenyAssignmentListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &d.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &d.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DenyAssignmentPermission. +func (d DenyAssignmentPermission) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "actions", d.Actions) + populate(objectMap, "condition", d.Condition) + populate(objectMap, "conditionVersion", d.ConditionVersion) + populate(objectMap, "dataActions", d.DataActions) + populate(objectMap, "notActions", d.NotActions) + populate(objectMap, "notDataActions", d.NotDataActions) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DenyAssignmentPermission. +func (d *DenyAssignmentPermission) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "actions": + err = unpopulate(val, "Actions", &d.Actions) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &d.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &d.ConditionVersion) + delete(rawMsg, key) + case "dataActions": + err = unpopulate(val, "DataActions", &d.DataActions) + delete(rawMsg, key) + case "notActions": + err = unpopulate(val, "NotActions", &d.NotActions) + delete(rawMsg, key) + case "notDataActions": + err = unpopulate(val, "NotDataActions", &d.NotDataActions) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DenyAssignmentProperties. +func (d DenyAssignmentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", d.Condition) + populate(objectMap, "conditionVersion", d.ConditionVersion) + populate(objectMap, "createdBy", d.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdOn", d.CreatedOn) + populate(objectMap, "denyAssignmentName", d.DenyAssignmentName) + populate(objectMap, "description", d.Description) + populate(objectMap, "doNotApplyToChildScopes", d.DoNotApplyToChildScopes) + populate(objectMap, "excludePrincipals", d.ExcludePrincipals) + populate(objectMap, "isSystemProtected", d.IsSystemProtected) + populate(objectMap, "permissions", d.Permissions) + populate(objectMap, "principals", d.Principals) + populate(objectMap, "scope", d.Scope) + populate(objectMap, "updatedBy", d.UpdatedBy) + populateDateTimeRFC3339(objectMap, "updatedOn", d.UpdatedOn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DenyAssignmentProperties. +func (d *DenyAssignmentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &d.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &d.ConditionVersion) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &d.CreatedBy) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &d.CreatedOn) + delete(rawMsg, key) + case "denyAssignmentName": + err = unpopulate(val, "DenyAssignmentName", &d.DenyAssignmentName) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &d.Description) + delete(rawMsg, key) + case "doNotApplyToChildScopes": + err = unpopulate(val, "DoNotApplyToChildScopes", &d.DoNotApplyToChildScopes) + delete(rawMsg, key) + case "excludePrincipals": + err = unpopulate(val, "ExcludePrincipals", &d.ExcludePrincipals) + delete(rawMsg, key) + case "isSystemProtected": + err = unpopulate(val, "IsSystemProtected", &d.IsSystemProtected) + delete(rawMsg, key) + case "permissions": + err = unpopulate(val, "Permissions", &d.Permissions) + delete(rawMsg, key) + case "principals": + err = unpopulate(val, "Principals", &d.Principals) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &d.Scope) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &d.UpdatedBy) + delete(rawMsg, key) + case "updatedOn": + err = unpopulateDateTimeRFC3339(val, "UpdatedOn", &d.UpdatedOn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DuplicateRoleCreatedAlertConfigurationProperties. +func (d DuplicateRoleCreatedAlertConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertConfigurationType"] = "DuplicateRoleCreatedAlertConfiguration" + populate(objectMap, "alertDefinition", d.AlertDefinition) + populate(objectMap, "alertDefinitionId", d.AlertDefinitionID) + populate(objectMap, "isEnabled", d.IsEnabled) + populate(objectMap, "scope", d.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DuplicateRoleCreatedAlertConfigurationProperties. +func (d *DuplicateRoleCreatedAlertConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfigurationType": + err = unpopulate(val, "AlertConfigurationType", &d.AlertConfigurationType) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &d.AlertDefinition) + delete(rawMsg, key) + case "alertDefinitionId": + err = unpopulate(val, "AlertDefinitionID", &d.AlertDefinitionID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &d.IsEnabled) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &d.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type DuplicateRoleCreatedAlertIncidentProperties. +func (d DuplicateRoleCreatedAlertIncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertIncidentType"] = "DuplicateRoleCreatedAlertIncident" + populate(objectMap, "duplicateRoles", d.DuplicateRoles) + populate(objectMap, "reason", d.Reason) + populate(objectMap, "roleName", d.RoleName) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type DuplicateRoleCreatedAlertIncidentProperties. +func (d *DuplicateRoleCreatedAlertIncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertIncidentType": + err = unpopulate(val, "AlertIncidentType", &d.AlertIncidentType) + delete(rawMsg, key) + case "duplicateRoles": + err = unpopulate(val, "DuplicateRoles", &d.DuplicateRoles) + delete(rawMsg, key) + case "reason": + err = unpopulate(val, "Reason", &d.Reason) + delete(rawMsg, key) + case "roleName": + err = unpopulate(val, "RoleName", &d.RoleName) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", d, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EligibleChildResource. +func (e EligibleChildResource) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", e.ID) + populate(objectMap, "name", e.Name) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EligibleChildResource. +func (e *EligibleChildResource) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &e.Name) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type EligibleChildResourcesListResult. +func (e EligibleChildResourcesListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", e.NextLink) + populate(objectMap, "value", e.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type EligibleChildResourcesListResult. +func (e *EligibleChildResourcesListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &e.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &e.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ErrorAdditionalInfo. +func (e ErrorAdditionalInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populateAny(objectMap, "info", e.Info) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ErrorAdditionalInfo. +func (e *ErrorAdditionalInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "info": + err = unpopulate(val, "Info", &e.Info) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ErrorDefinition. +func (e ErrorDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "error", e.Error) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ErrorDefinition. +func (e *ErrorDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "error": + err = unpopulate(val, "Error", &e.Error) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ErrorDefinitionProperties. +func (e ErrorDefinitionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "code", e.Code) + populate(objectMap, "message", e.Message) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ErrorDefinitionProperties. +func (e *ErrorDefinitionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "code": + err = unpopulate(val, "Code", &e.Code) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &e.Message) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ErrorDetail. +func (e ErrorDetail) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "additionalInfo", e.AdditionalInfo) + populate(objectMap, "code", e.Code) + populate(objectMap, "details", e.Details) + populate(objectMap, "message", e.Message) + populate(objectMap, "target", e.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ErrorDetail. +func (e *ErrorDetail) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "additionalInfo": + err = unpopulate(val, "AdditionalInfo", &e.AdditionalInfo) + delete(rawMsg, key) + case "code": + err = unpopulate(val, "Code", &e.Code) + delete(rawMsg, key) + case "details": + err = unpopulate(val, "Details", &e.Details) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &e.Message) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &e.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ErrorResponse. +func (e ErrorResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "error", e.Error) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ErrorResponse. +func (e *ErrorResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "error": + err = unpopulate(val, "Error", &e.Error) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpandedProperties. +func (e ExpandedProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principal", e.Principal) + populate(objectMap, "roleDefinition", e.RoleDefinition) + populate(objectMap, "scope", e.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpandedProperties. +func (e *ExpandedProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principal": + err = unpopulate(val, "Principal", &e.Principal) + delete(rawMsg, key) + case "roleDefinition": + err = unpopulate(val, "RoleDefinition", &e.RoleDefinition) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &e.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpandedPropertiesPrincipal. +func (e ExpandedPropertiesPrincipal) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "email", e.Email) + populate(objectMap, "id", e.ID) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpandedPropertiesPrincipal. +func (e *ExpandedPropertiesPrincipal) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "email": + err = unpopulate(val, "Email", &e.Email) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpandedPropertiesRoleDefinition. +func (e ExpandedPropertiesRoleDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "id", e.ID) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpandedPropertiesRoleDefinition. +func (e *ExpandedPropertiesRoleDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ExpandedPropertiesScope. +func (e ExpandedPropertiesScope) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", e.DisplayName) + populate(objectMap, "id", e.ID) + populate(objectMap, "type", e.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ExpandedPropertiesScope. +func (e *ExpandedPropertiesScope) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &e.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &e.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &e.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", e, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Operation. +func (o Operation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "display", o.Display) + populate(objectMap, "isDataAction", o.IsDataAction) + populate(objectMap, "name", o.Name) + populate(objectMap, "origin", o.Origin) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Operation. +func (o *Operation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "display": + err = unpopulate(val, "Display", &o.Display) + delete(rawMsg, key) + case "isDataAction": + err = unpopulate(val, "IsDataAction", &o.IsDataAction) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &o.Name) + delete(rawMsg, key) + case "origin": + err = unpopulate(val, "Origin", &o.Origin) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationDisplay. +func (o OperationDisplay) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", o.Description) + populate(objectMap, "operation", o.Operation) + populate(objectMap, "provider", o.Provider) + populate(objectMap, "resource", o.Resource) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationDisplay. +func (o *OperationDisplay) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &o.Description) + delete(rawMsg, key) + case "operation": + err = unpopulate(val, "Operation", &o.Operation) + delete(rawMsg, key) + case "provider": + err = unpopulate(val, "Provider", &o.Provider) + delete(rawMsg, key) + case "resource": + err = unpopulate(val, "Resource", &o.Resource) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type OperationListResult. +func (o OperationListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", o.NextLink) + populate(objectMap, "value", o.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type OperationListResult. +func (o *OperationListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &o.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &o.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", o, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Permission. +func (p Permission) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "actions", p.Actions) + populate(objectMap, "condition", p.Condition) + populate(objectMap, "conditionVersion", p.ConditionVersion) + populate(objectMap, "dataActions", p.DataActions) + populate(objectMap, "notActions", p.NotActions) + populate(objectMap, "notDataActions", p.NotDataActions) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Permission. +func (p *Permission) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "actions": + err = unpopulate(val, "Actions", &p.Actions) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &p.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &p.ConditionVersion) + delete(rawMsg, key) + case "dataActions": + err = unpopulate(val, "DataActions", &p.DataActions) + delete(rawMsg, key) + case "notActions": + err = unpopulate(val, "NotActions", &p.NotActions) + delete(rawMsg, key) + case "notDataActions": + err = unpopulate(val, "NotDataActions", &p.NotDataActions) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PermissionGetResult. +func (p PermissionGetResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PermissionGetResult. +func (p *PermissionGetResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyAssignmentProperties. +func (p PolicyAssignmentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "policy", p.Policy) + populate(objectMap, "roleDefinition", p.RoleDefinition) + populate(objectMap, "scope", p.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyAssignmentProperties. +func (p *PolicyAssignmentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "policy": + err = unpopulate(val, "Policy", &p.Policy) + delete(rawMsg, key) + case "roleDefinition": + err = unpopulate(val, "RoleDefinition", &p.RoleDefinition) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &p.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyAssignmentPropertiesPolicy. +func (p PolicyAssignmentPropertiesPolicy) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", p.ID) + populate(objectMap, "lastModifiedBy", p.LastModifiedBy) + populateDateTimeRFC3339(objectMap, "lastModifiedDateTime", p.LastModifiedDateTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyAssignmentPropertiesPolicy. +func (p *PolicyAssignmentPropertiesPolicy) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &p.LastModifiedBy) + delete(rawMsg, key) + case "lastModifiedDateTime": + err = unpopulateDateTimeRFC3339(val, "LastModifiedDateTime", &p.LastModifiedDateTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyAssignmentPropertiesRoleDefinition. +func (p PolicyAssignmentPropertiesRoleDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "id", p.ID) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyAssignmentPropertiesRoleDefinition. +func (p *PolicyAssignmentPropertiesRoleDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyAssignmentPropertiesScope. +func (p PolicyAssignmentPropertiesScope) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "id", p.ID) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyAssignmentPropertiesScope. +func (p *PolicyAssignmentPropertiesScope) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyProperties. +func (p PolicyProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "scope", p.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyProperties. +func (p *PolicyProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "scope": + err = unpopulate(val, "Scope", &p.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type PolicyPropertiesScope. +func (p PolicyPropertiesScope) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "id", p.ID) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type PolicyPropertiesScope. +func (p *PolicyPropertiesScope) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type Principal. +func (p Principal) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "email", p.Email) + populate(objectMap, "id", p.ID) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type Principal. +func (p *Principal) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "email": + err = unpopulate(val, "Email", &p.Email) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProviderOperation. +func (p ProviderOperation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", p.Description) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "isDataAction", p.IsDataAction) + populate(objectMap, "name", p.Name) + populate(objectMap, "origin", p.Origin) + populateAny(objectMap, "properties", p.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProviderOperation. +func (p *ProviderOperation) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &p.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "isDataAction": + err = unpopulate(val, "IsDataAction", &p.IsDataAction) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "origin": + err = unpopulate(val, "Origin", &p.Origin) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &p.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProviderOperationsMetadata. +func (p ProviderOperationsMetadata) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", p.DisplayName) + populate(objectMap, "id", p.ID) + populate(objectMap, "name", p.Name) + populate(objectMap, "operations", p.Operations) + populate(objectMap, "resourceTypes", p.ResourceTypes) + populate(objectMap, "type", p.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProviderOperationsMetadata. +func (p *ProviderOperationsMetadata) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &p.DisplayName) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &p.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &p.Name) + delete(rawMsg, key) + case "operations": + err = unpopulate(val, "Operations", &p.Operations) + delete(rawMsg, key) + case "resourceTypes": + err = unpopulate(val, "ResourceTypes", &p.ResourceTypes) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &p.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ProviderOperationsMetadataListResult. +func (p ProviderOperationsMetadataListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", p.NextLink) + populate(objectMap, "value", p.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ProviderOperationsMetadataListResult. +func (p *ProviderOperationsMetadataListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &p.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &p.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", p, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RecordAllDecisionsProperties. +func (r RecordAllDecisionsProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "decision", r.Decision) + populate(objectMap, "justification", r.Justification) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "resourceId", r.ResourceID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RecordAllDecisionsProperties. +func (r *RecordAllDecisionsProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "decision": + err = unpopulate(val, "Decision", &r.Decision) + delete(rawMsg, key) + case "justification": + err = unpopulate(val, "Justification", &r.Justification) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "resourceId": + err = unpopulate(val, "ResourceID", &r.ResourceID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ResourceType. +func (r ResourceType) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "displayName", r.DisplayName) + populate(objectMap, "name", r.Name) + populate(objectMap, "operations", r.Operations) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ResourceType. +func (r *ResourceType) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "displayName": + err = unpopulate(val, "DisplayName", &r.DisplayName) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "operations": + err = unpopulate(val, "Operations", &r.Operations) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignment. +func (r RoleAssignment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignment. +func (r *RoleAssignment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentCreateParameters. +func (r RoleAssignmentCreateParameters) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "properties", r.Properties) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentCreateParameters. +func (r *RoleAssignmentCreateParameters) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentFilter. +func (r RoleAssignmentFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentFilter. +func (r *RoleAssignmentFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentListResult. +func (r RoleAssignmentListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentListResult. +func (r *RoleAssignmentListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentProperties. +func (r RoleAssignmentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populate(objectMap, "createdBy", r.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populate(objectMap, "delegatedManagedIdentityResourceId", r.DelegatedManagedIdentityResourceID) + populate(objectMap, "description", r.Description) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scope", r.Scope) + populate(objectMap, "updatedBy", r.UpdatedBy) + populateDateTimeRFC3339(objectMap, "updatedOn", r.UpdatedOn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentProperties. +func (r *RoleAssignmentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &r.CreatedBy) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "delegatedManagedIdentityResourceId": + err = unpopulate(val, "DelegatedManagedIdentityResourceID", &r.DelegatedManagedIdentityResourceID) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &r.UpdatedBy) + delete(rawMsg, key) + case "updatedOn": + err = unpopulateDateTimeRFC3339(val, "UpdatedOn", &r.UpdatedOn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentSchedule. +func (r RoleAssignmentSchedule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentSchedule. +func (r *RoleAssignmentSchedule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleFilter. +func (r RoleAssignmentScheduleFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleFilter. +func (r *RoleAssignmentScheduleFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleInstance. +func (r RoleAssignmentScheduleInstance) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleInstance. +func (r *RoleAssignmentScheduleInstance) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleInstanceFilter. +func (r RoleAssignmentScheduleInstanceFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "roleAssignmentScheduleId", r.RoleAssignmentScheduleID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleInstanceFilter. +func (r *RoleAssignmentScheduleInstanceFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "roleAssignmentScheduleId": + err = unpopulate(val, "RoleAssignmentScheduleID", &r.RoleAssignmentScheduleID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleInstanceListResult. +func (r RoleAssignmentScheduleInstanceListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleInstanceListResult. +func (r *RoleAssignmentScheduleInstanceListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleInstanceProperties. +func (r RoleAssignmentScheduleInstanceProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignmentType", r.AssignmentType) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "linkedRoleEligibilityScheduleId", r.LinkedRoleEligibilityScheduleID) + populate(objectMap, "linkedRoleEligibilityScheduleInstanceId", r.LinkedRoleEligibilityScheduleInstanceID) + populate(objectMap, "memberType", r.MemberType) + populate(objectMap, "originRoleAssignmentId", r.OriginRoleAssignmentID) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "roleAssignmentScheduleId", r.RoleAssignmentScheduleID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scope", r.Scope) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleInstanceProperties. +func (r *RoleAssignmentScheduleInstanceProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignmentType": + err = unpopulate(val, "AssignmentType", &r.AssignmentType) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "linkedRoleEligibilityScheduleId": + err = unpopulate(val, "LinkedRoleEligibilityScheduleID", &r.LinkedRoleEligibilityScheduleID) + delete(rawMsg, key) + case "linkedRoleEligibilityScheduleInstanceId": + err = unpopulate(val, "LinkedRoleEligibilityScheduleInstanceID", &r.LinkedRoleEligibilityScheduleInstanceID) + delete(rawMsg, key) + case "memberType": + err = unpopulate(val, "MemberType", &r.MemberType) + delete(rawMsg, key) + case "originRoleAssignmentId": + err = unpopulate(val, "OriginRoleAssignmentID", &r.OriginRoleAssignmentID) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "roleAssignmentScheduleId": + err = unpopulate(val, "RoleAssignmentScheduleID", &r.RoleAssignmentScheduleID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleListResult. +func (r RoleAssignmentScheduleListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleListResult. +func (r *RoleAssignmentScheduleListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleProperties. +func (r RoleAssignmentScheduleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignmentType", r.AssignmentType) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "linkedRoleEligibilityScheduleId", r.LinkedRoleEligibilityScheduleID) + populate(objectMap, "memberType", r.MemberType) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "roleAssignmentScheduleRequestId", r.RoleAssignmentScheduleRequestID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scope", r.Scope) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + populate(objectMap, "status", r.Status) + populateDateTimeRFC3339(objectMap, "updatedOn", r.UpdatedOn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleProperties. +func (r *RoleAssignmentScheduleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignmentType": + err = unpopulate(val, "AssignmentType", &r.AssignmentType) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "linkedRoleEligibilityScheduleId": + err = unpopulate(val, "LinkedRoleEligibilityScheduleID", &r.LinkedRoleEligibilityScheduleID) + delete(rawMsg, key) + case "memberType": + err = unpopulate(val, "MemberType", &r.MemberType) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "roleAssignmentScheduleRequestId": + err = unpopulate(val, "RoleAssignmentScheduleRequestID", &r.RoleAssignmentScheduleRequestID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + case "updatedOn": + err = unpopulateDateTimeRFC3339(val, "UpdatedOn", &r.UpdatedOn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequest. +func (r RoleAssignmentScheduleRequest) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequest. +func (r *RoleAssignmentScheduleRequest) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestFilter. +func (r RoleAssignmentScheduleRequestFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "requestorId", r.RequestorID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestFilter. +func (r *RoleAssignmentScheduleRequestFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "requestorId": + err = unpopulate(val, "RequestorID", &r.RequestorID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestListResult. +func (r RoleAssignmentScheduleRequestListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestListResult. +func (r *RoleAssignmentScheduleRequestListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestProperties. +func (r RoleAssignmentScheduleRequestProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "approvalId", r.ApprovalID) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "justification", r.Justification) + populate(objectMap, "linkedRoleEligibilityScheduleId", r.LinkedRoleEligibilityScheduleID) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "requestType", r.RequestType) + populate(objectMap, "requestorId", r.RequestorID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scheduleInfo", r.ScheduleInfo) + populate(objectMap, "scope", r.Scope) + populate(objectMap, "status", r.Status) + populate(objectMap, "targetRoleAssignmentScheduleId", r.TargetRoleAssignmentScheduleID) + populate(objectMap, "targetRoleAssignmentScheduleInstanceId", r.TargetRoleAssignmentScheduleInstanceID) + populate(objectMap, "ticketInfo", r.TicketInfo) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestProperties. +func (r *RoleAssignmentScheduleRequestProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "approvalId": + err = unpopulate(val, "ApprovalID", &r.ApprovalID) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "justification": + err = unpopulate(val, "Justification", &r.Justification) + delete(rawMsg, key) + case "linkedRoleEligibilityScheduleId": + err = unpopulate(val, "LinkedRoleEligibilityScheduleID", &r.LinkedRoleEligibilityScheduleID) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "requestType": + err = unpopulate(val, "RequestType", &r.RequestType) + delete(rawMsg, key) + case "requestorId": + err = unpopulate(val, "RequestorID", &r.RequestorID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scheduleInfo": + err = unpopulate(val, "ScheduleInfo", &r.ScheduleInfo) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + case "targetRoleAssignmentScheduleId": + err = unpopulate(val, "TargetRoleAssignmentScheduleID", &r.TargetRoleAssignmentScheduleID) + delete(rawMsg, key) + case "targetRoleAssignmentScheduleInstanceId": + err = unpopulate(val, "TargetRoleAssignmentScheduleInstanceID", &r.TargetRoleAssignmentScheduleInstanceID) + delete(rawMsg, key) + case "ticketInfo": + err = unpopulate(val, "TicketInfo", &r.TicketInfo) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestPropertiesScheduleInfo. +func (r RoleAssignmentScheduleRequestPropertiesScheduleInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "expiration", r.Expiration) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestPropertiesScheduleInfo. +func (r *RoleAssignmentScheduleRequestPropertiesScheduleInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "expiration": + err = unpopulate(val, "Expiration", &r.Expiration) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration. +func (r RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "duration", r.Duration) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration. +func (r *RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "duration": + err = unpopulate(val, "Duration", &r.Duration) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleAssignmentScheduleRequestPropertiesTicketInfo. +func (r RoleAssignmentScheduleRequestPropertiesTicketInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "ticketNumber", r.TicketNumber) + populate(objectMap, "ticketSystem", r.TicketSystem) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleAssignmentScheduleRequestPropertiesTicketInfo. +func (r *RoleAssignmentScheduleRequestPropertiesTicketInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "ticketNumber": + err = unpopulate(val, "TicketNumber", &r.TicketNumber) + delete(rawMsg, key) + case "ticketSystem": + err = unpopulate(val, "TicketSystem", &r.TicketSystem) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleDefinition. +func (r RoleDefinition) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleDefinition. +func (r *RoleDefinition) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleDefinitionFilter. +func (r RoleDefinitionFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "roleName", r.RoleName) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleDefinitionFilter. +func (r *RoleDefinitionFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "roleName": + err = unpopulate(val, "RoleName", &r.RoleName) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleDefinitionListResult. +func (r RoleDefinitionListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleDefinitionListResult. +func (r *RoleDefinitionListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleDefinitionProperties. +func (r RoleDefinitionProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "assignableScopes", r.AssignableScopes) + populate(objectMap, "createdBy", r.CreatedBy) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populate(objectMap, "description", r.Description) + populate(objectMap, "permissions", r.Permissions) + populate(objectMap, "roleName", r.RoleName) + populate(objectMap, "type", r.RoleType) + populate(objectMap, "updatedBy", r.UpdatedBy) + populateDateTimeRFC3339(objectMap, "updatedOn", r.UpdatedOn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleDefinitionProperties. +func (r *RoleDefinitionProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "assignableScopes": + err = unpopulate(val, "AssignableScopes", &r.AssignableScopes) + delete(rawMsg, key) + case "createdBy": + err = unpopulate(val, "CreatedBy", &r.CreatedBy) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "permissions": + err = unpopulate(val, "Permissions", &r.Permissions) + delete(rawMsg, key) + case "roleName": + err = unpopulate(val, "RoleName", &r.RoleName) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "RoleType", &r.RoleType) + delete(rawMsg, key) + case "updatedBy": + err = unpopulate(val, "UpdatedBy", &r.UpdatedBy) + delete(rawMsg, key) + case "updatedOn": + err = unpopulateDateTimeRFC3339(val, "UpdatedOn", &r.UpdatedOn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilitySchedule. +func (r RoleEligibilitySchedule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilitySchedule. +func (r *RoleEligibilitySchedule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleFilter. +func (r RoleEligibilityScheduleFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleFilter. +func (r *RoleEligibilityScheduleFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleInstance. +func (r RoleEligibilityScheduleInstance) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleInstance. +func (r *RoleEligibilityScheduleInstance) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleInstanceFilter. +func (r RoleEligibilityScheduleInstanceFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "roleEligibilityScheduleId", r.RoleEligibilityScheduleID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleInstanceFilter. +func (r *RoleEligibilityScheduleInstanceFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "roleEligibilityScheduleId": + err = unpopulate(val, "RoleEligibilityScheduleID", &r.RoleEligibilityScheduleID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleInstanceListResult. +func (r RoleEligibilityScheduleInstanceListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleInstanceListResult. +func (r *RoleEligibilityScheduleInstanceListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleInstanceProperties. +func (r RoleEligibilityScheduleInstanceProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "memberType", r.MemberType) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "roleEligibilityScheduleId", r.RoleEligibilityScheduleID) + populate(objectMap, "scope", r.Scope) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleInstanceProperties. +func (r *RoleEligibilityScheduleInstanceProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "memberType": + err = unpopulate(val, "MemberType", &r.MemberType) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "roleEligibilityScheduleId": + err = unpopulate(val, "RoleEligibilityScheduleID", &r.RoleEligibilityScheduleID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleListResult. +func (r RoleEligibilityScheduleListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleListResult. +func (r *RoleEligibilityScheduleListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleProperties. +func (r RoleEligibilityScheduleProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "memberType", r.MemberType) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "roleEligibilityScheduleRequestId", r.RoleEligibilityScheduleRequestID) + populate(objectMap, "scope", r.Scope) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + populate(objectMap, "status", r.Status) + populateDateTimeRFC3339(objectMap, "updatedOn", r.UpdatedOn) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleProperties. +func (r *RoleEligibilityScheduleProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "memberType": + err = unpopulate(val, "MemberType", &r.MemberType) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "roleEligibilityScheduleRequestId": + err = unpopulate(val, "RoleEligibilityScheduleRequestID", &r.RoleEligibilityScheduleRequestID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + case "updatedOn": + err = unpopulateDateTimeRFC3339(val, "UpdatedOn", &r.UpdatedOn) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequest. +func (r RoleEligibilityScheduleRequest) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequest. +func (r *RoleEligibilityScheduleRequest) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestFilter. +func (r RoleEligibilityScheduleRequestFilter) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "requestorId", r.RequestorID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "status", r.Status) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestFilter. +func (r *RoleEligibilityScheduleRequestFilter) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "requestorId": + err = unpopulate(val, "RequestorID", &r.RequestorID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestListResult. +func (r RoleEligibilityScheduleRequestListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestListResult. +func (r *RoleEligibilityScheduleRequestListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestProperties. +func (r RoleEligibilityScheduleRequestProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "approvalId", r.ApprovalID) + populate(objectMap, "condition", r.Condition) + populate(objectMap, "conditionVersion", r.ConditionVersion) + populateDateTimeRFC3339(objectMap, "createdOn", r.CreatedOn) + populate(objectMap, "expandedProperties", r.ExpandedProperties) + populate(objectMap, "justification", r.Justification) + populate(objectMap, "principalId", r.PrincipalID) + populate(objectMap, "principalType", r.PrincipalType) + populate(objectMap, "requestType", r.RequestType) + populate(objectMap, "requestorId", r.RequestorID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scheduleInfo", r.ScheduleInfo) + populate(objectMap, "scope", r.Scope) + populate(objectMap, "status", r.Status) + populate(objectMap, "targetRoleEligibilityScheduleId", r.TargetRoleEligibilityScheduleID) + populate(objectMap, "targetRoleEligibilityScheduleInstanceId", r.TargetRoleEligibilityScheduleInstanceID) + populate(objectMap, "ticketInfo", r.TicketInfo) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestProperties. +func (r *RoleEligibilityScheduleRequestProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "approvalId": + err = unpopulate(val, "ApprovalID", &r.ApprovalID) + delete(rawMsg, key) + case "condition": + err = unpopulate(val, "Condition", &r.Condition) + delete(rawMsg, key) + case "conditionVersion": + err = unpopulate(val, "ConditionVersion", &r.ConditionVersion) + delete(rawMsg, key) + case "createdOn": + err = unpopulateDateTimeRFC3339(val, "CreatedOn", &r.CreatedOn) + delete(rawMsg, key) + case "expandedProperties": + err = unpopulate(val, "ExpandedProperties", &r.ExpandedProperties) + delete(rawMsg, key) + case "justification": + err = unpopulate(val, "Justification", &r.Justification) + delete(rawMsg, key) + case "principalId": + err = unpopulate(val, "PrincipalID", &r.PrincipalID) + delete(rawMsg, key) + case "principalType": + err = unpopulate(val, "PrincipalType", &r.PrincipalType) + delete(rawMsg, key) + case "requestType": + err = unpopulate(val, "RequestType", &r.RequestType) + delete(rawMsg, key) + case "requestorId": + err = unpopulate(val, "RequestorID", &r.RequestorID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scheduleInfo": + err = unpopulate(val, "ScheduleInfo", &r.ScheduleInfo) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + case "status": + err = unpopulate(val, "Status", &r.Status) + delete(rawMsg, key) + case "targetRoleEligibilityScheduleId": + err = unpopulate(val, "TargetRoleEligibilityScheduleID", &r.TargetRoleEligibilityScheduleID) + delete(rawMsg, key) + case "targetRoleEligibilityScheduleInstanceId": + err = unpopulate(val, "TargetRoleEligibilityScheduleInstanceID", &r.TargetRoleEligibilityScheduleInstanceID) + delete(rawMsg, key) + case "ticketInfo": + err = unpopulate(val, "TicketInfo", &r.TicketInfo) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestPropertiesScheduleInfo. +func (r RoleEligibilityScheduleRequestPropertiesScheduleInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "expiration", r.Expiration) + populateDateTimeRFC3339(objectMap, "startDateTime", r.StartDateTime) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestPropertiesScheduleInfo. +func (r *RoleEligibilityScheduleRequestPropertiesScheduleInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "expiration": + err = unpopulate(val, "Expiration", &r.Expiration) + delete(rawMsg, key) + case "startDateTime": + err = unpopulateDateTimeRFC3339(val, "StartDateTime", &r.StartDateTime) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration. +func (r RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "duration", r.Duration) + populateDateTimeRFC3339(objectMap, "endDateTime", r.EndDateTime) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration. +func (r *RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "duration": + err = unpopulate(val, "Duration", &r.Duration) + delete(rawMsg, key) + case "endDateTime": + err = unpopulateDateTimeRFC3339(val, "EndDateTime", &r.EndDateTime) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleEligibilityScheduleRequestPropertiesTicketInfo. +func (r RoleEligibilityScheduleRequestPropertiesTicketInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "ticketNumber", r.TicketNumber) + populate(objectMap, "ticketSystem", r.TicketSystem) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleEligibilityScheduleRequestPropertiesTicketInfo. +func (r *RoleEligibilityScheduleRequestPropertiesTicketInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "ticketNumber": + err = unpopulate(val, "TicketNumber", &r.TicketNumber) + delete(rawMsg, key) + case "ticketSystem": + err = unpopulate(val, "TicketSystem", &r.TicketSystem) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicy. +func (r RoleManagementPolicy) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicy. +func (r *RoleManagementPolicy) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyApprovalRule. +func (r RoleManagementPolicyApprovalRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["ruleType"] = RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule + populate(objectMap, "setting", r.Setting) + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyApprovalRule. +func (r *RoleManagementPolicyApprovalRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "setting": + err = unpopulate(val, "Setting", &r.Setting) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyAssignment. +func (r RoleManagementPolicyAssignment) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "name", r.Name) + populate(objectMap, "properties", r.Properties) + populate(objectMap, "type", r.Type) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyAssignment. +func (r *RoleManagementPolicyAssignment) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "name": + err = unpopulate(val, "Name", &r.Name) + delete(rawMsg, key) + case "properties": + err = unpopulate(val, "Properties", &r.Properties) + delete(rawMsg, key) + case "type": + err = unpopulate(val, "Type", &r.Type) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyAssignmentListResult. +func (r RoleManagementPolicyAssignmentListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyAssignmentListResult. +func (r *RoleManagementPolicyAssignmentListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyAssignmentProperties. +func (r RoleManagementPolicyAssignmentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "policyAssignmentProperties", r.PolicyAssignmentProperties) + populate(objectMap, "policyId", r.PolicyID) + populate(objectMap, "roleDefinitionId", r.RoleDefinitionID) + populate(objectMap, "scope", r.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyAssignmentProperties. +func (r *RoleManagementPolicyAssignmentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "policyAssignmentProperties": + err = unpopulate(val, "PolicyAssignmentProperties", &r.PolicyAssignmentProperties) + delete(rawMsg, key) + case "policyId": + err = unpopulate(val, "PolicyID", &r.PolicyID) + delete(rawMsg, key) + case "roleDefinitionId": + err = unpopulate(val, "RoleDefinitionID", &r.RoleDefinitionID) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyAuthenticationContextRule. +func (r RoleManagementPolicyAuthenticationContextRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "claimValue", r.ClaimValue) + populate(objectMap, "id", r.ID) + populate(objectMap, "isEnabled", r.IsEnabled) + objectMap["ruleType"] = RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyAuthenticationContextRule. +func (r *RoleManagementPolicyAuthenticationContextRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "claimValue": + err = unpopulate(val, "ClaimValue", &r.ClaimValue) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &r.IsEnabled) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyEnablementRule. +func (r RoleManagementPolicyEnablementRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "enabledRules", r.EnabledRules) + populate(objectMap, "id", r.ID) + objectMap["ruleType"] = RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyEnablementRule. +func (r *RoleManagementPolicyEnablementRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "enabledRules": + err = unpopulate(val, "EnabledRules", &r.EnabledRules) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyExpirationRule. +func (r RoleManagementPolicyExpirationRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "isExpirationRequired", r.IsExpirationRequired) + populate(objectMap, "maximumDuration", r.MaximumDuration) + objectMap["ruleType"] = RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyExpirationRule. +func (r *RoleManagementPolicyExpirationRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "isExpirationRequired": + err = unpopulate(val, "IsExpirationRequired", &r.IsExpirationRequired) + delete(rawMsg, key) + case "maximumDuration": + err = unpopulate(val, "MaximumDuration", &r.MaximumDuration) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyListResult. +func (r RoleManagementPolicyListResult) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "nextLink", r.NextLink) + populate(objectMap, "value", r.Value) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyListResult. +func (r *RoleManagementPolicyListResult) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "nextLink": + err = unpopulate(val, "NextLink", &r.NextLink) + delete(rawMsg, key) + case "value": + err = unpopulate(val, "Value", &r.Value) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyNotificationRule. +func (r RoleManagementPolicyNotificationRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + populate(objectMap, "isDefaultRecipientsEnabled", r.IsDefaultRecipientsEnabled) + populate(objectMap, "notificationLevel", r.NotificationLevel) + populate(objectMap, "notificationRecipients", r.NotificationRecipients) + populate(objectMap, "notificationType", r.NotificationType) + populate(objectMap, "recipientType", r.RecipientType) + objectMap["ruleType"] = RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyNotificationRule. +func (r *RoleManagementPolicyNotificationRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "isDefaultRecipientsEnabled": + err = unpopulate(val, "IsDefaultRecipientsEnabled", &r.IsDefaultRecipientsEnabled) + delete(rawMsg, key) + case "notificationLevel": + err = unpopulate(val, "NotificationLevel", &r.NotificationLevel) + delete(rawMsg, key) + case "notificationRecipients": + err = unpopulate(val, "NotificationRecipients", &r.NotificationRecipients) + delete(rawMsg, key) + case "notificationType": + err = unpopulate(val, "NotificationType", &r.NotificationType) + delete(rawMsg, key) + case "recipientType": + err = unpopulate(val, "RecipientType", &r.RecipientType) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyProperties. +func (r RoleManagementPolicyProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", r.Description) + populate(objectMap, "displayName", r.DisplayName) + populate(objectMap, "effectiveRules", r.EffectiveRules) + populate(objectMap, "isOrganizationDefault", r.IsOrganizationDefault) + populate(objectMap, "lastModifiedBy", r.LastModifiedBy) + populateDateTimeRFC3339(objectMap, "lastModifiedDateTime", r.LastModifiedDateTime) + populate(objectMap, "policyProperties", r.PolicyProperties) + populate(objectMap, "rules", r.Rules) + populate(objectMap, "scope", r.Scope) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyProperties. +func (r *RoleManagementPolicyProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &r.Description) + delete(rawMsg, key) + case "displayName": + err = unpopulate(val, "DisplayName", &r.DisplayName) + delete(rawMsg, key) + case "effectiveRules": + r.EffectiveRules, err = unmarshalRoleManagementPolicyRuleClassificationArray(val) + delete(rawMsg, key) + case "isOrganizationDefault": + err = unpopulate(val, "IsOrganizationDefault", &r.IsOrganizationDefault) + delete(rawMsg, key) + case "lastModifiedBy": + err = unpopulate(val, "LastModifiedBy", &r.LastModifiedBy) + delete(rawMsg, key) + case "lastModifiedDateTime": + err = unpopulateDateTimeRFC3339(val, "LastModifiedDateTime", &r.LastModifiedDateTime) + delete(rawMsg, key) + case "policyProperties": + err = unpopulate(val, "PolicyProperties", &r.PolicyProperties) + delete(rawMsg, key) + case "rules": + r.Rules, err = unmarshalRoleManagementPolicyRuleClassificationArray(val) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &r.Scope) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyRule. +func (r RoleManagementPolicyRule) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "id", r.ID) + objectMap["ruleType"] = r.RuleType + populate(objectMap, "target", r.Target) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyRule. +func (r *RoleManagementPolicyRule) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "id": + err = unpopulate(val, "ID", &r.ID) + delete(rawMsg, key) + case "ruleType": + err = unpopulate(val, "RuleType", &r.RuleType) + delete(rawMsg, key) + case "target": + err = unpopulate(val, "Target", &r.Target) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type RoleManagementPolicyRuleTarget. +func (r RoleManagementPolicyRuleTarget) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "caller", r.Caller) + populate(objectMap, "enforcedSettings", r.EnforcedSettings) + populate(objectMap, "inheritableSettings", r.InheritableSettings) + populate(objectMap, "level", r.Level) + populate(objectMap, "operations", r.Operations) + populate(objectMap, "targetObjects", r.TargetObjects) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type RoleManagementPolicyRuleTarget. +func (r *RoleManagementPolicyRuleTarget) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "caller": + err = unpopulate(val, "Caller", &r.Caller) + delete(rawMsg, key) + case "enforcedSettings": + err = unpopulate(val, "EnforcedSettings", &r.EnforcedSettings) + delete(rawMsg, key) + case "inheritableSettings": + err = unpopulate(val, "InheritableSettings", &r.InheritableSettings) + delete(rawMsg, key) + case "level": + err = unpopulate(val, "Level", &r.Level) + delete(rawMsg, key) + case "operations": + err = unpopulate(val, "Operations", &r.Operations) + delete(rawMsg, key) + case "targetObjects": + err = unpopulate(val, "TargetObjects", &r.TargetObjects) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", r, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TooManyOwnersAssignedToResourceAlertConfigurationProperties. +func (t TooManyOwnersAssignedToResourceAlertConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertConfigurationType"] = "TooManyOwnersAssignedToResourceAlertConfiguration" + populate(objectMap, "alertDefinition", t.AlertDefinition) + populate(objectMap, "alertDefinitionId", t.AlertDefinitionID) + populate(objectMap, "isEnabled", t.IsEnabled) + populate(objectMap, "scope", t.Scope) + populate(objectMap, "thresholdNumberOfOwners", t.ThresholdNumberOfOwners) + populate(objectMap, "thresholdPercentageOfOwnersOutOfAllRoleMembers", t.ThresholdPercentageOfOwnersOutOfAllRoleMembers) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TooManyOwnersAssignedToResourceAlertConfigurationProperties. +func (t *TooManyOwnersAssignedToResourceAlertConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfigurationType": + err = unpopulate(val, "AlertConfigurationType", &t.AlertConfigurationType) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &t.AlertDefinition) + delete(rawMsg, key) + case "alertDefinitionId": + err = unpopulate(val, "AlertDefinitionID", &t.AlertDefinitionID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &t.IsEnabled) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &t.Scope) + delete(rawMsg, key) + case "thresholdNumberOfOwners": + err = unpopulate(val, "ThresholdNumberOfOwners", &t.ThresholdNumberOfOwners) + delete(rawMsg, key) + case "thresholdPercentageOfOwnersOutOfAllRoleMembers": + err = unpopulate(val, "ThresholdPercentageOfOwnersOutOfAllRoleMembers", &t.ThresholdPercentageOfOwnersOutOfAllRoleMembers) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TooManyOwnersAssignedToResourceAlertIncidentProperties. +func (t TooManyOwnersAssignedToResourceAlertIncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertIncidentType"] = "TooManyOwnersAssignedToResourceAlertIncident" + populate(objectMap, "assigneeName", t.AssigneeName) + populate(objectMap, "assigneeType", t.AssigneeType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TooManyOwnersAssignedToResourceAlertIncidentProperties. +func (t *TooManyOwnersAssignedToResourceAlertIncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertIncidentType": + err = unpopulate(val, "AlertIncidentType", &t.AlertIncidentType) + delete(rawMsg, key) + case "assigneeName": + err = unpopulate(val, "AssigneeName", &t.AssigneeName) + delete(rawMsg, key) + case "assigneeType": + err = unpopulate(val, "AssigneeType", &t.AssigneeType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties. +func (t TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertConfigurationType"] = "TooManyPermanentOwnersAssignedToResourceAlertConfiguration" + populate(objectMap, "alertDefinition", t.AlertDefinition) + populate(objectMap, "alertDefinitionId", t.AlertDefinitionID) + populate(objectMap, "isEnabled", t.IsEnabled) + populate(objectMap, "scope", t.Scope) + populate(objectMap, "thresholdNumberOfPermanentOwners", t.ThresholdNumberOfPermanentOwners) + populate(objectMap, "thresholdPercentageOfPermanentOwnersOutOfAllOwners", t.ThresholdPercentageOfPermanentOwnersOutOfAllOwners) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties. +func (t *TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertConfigurationType": + err = unpopulate(val, "AlertConfigurationType", &t.AlertConfigurationType) + delete(rawMsg, key) + case "alertDefinition": + err = unpopulate(val, "AlertDefinition", &t.AlertDefinition) + delete(rawMsg, key) + case "alertDefinitionId": + err = unpopulate(val, "AlertDefinitionID", &t.AlertDefinitionID) + delete(rawMsg, key) + case "isEnabled": + err = unpopulate(val, "IsEnabled", &t.IsEnabled) + delete(rawMsg, key) + case "scope": + err = unpopulate(val, "Scope", &t.Scope) + delete(rawMsg, key) + case "thresholdNumberOfPermanentOwners": + err = unpopulate(val, "ThresholdNumberOfPermanentOwners", &t.ThresholdNumberOfPermanentOwners) + delete(rawMsg, key) + case "thresholdPercentageOfPermanentOwnersOutOfAllOwners": + err = unpopulate(val, "ThresholdPercentageOfPermanentOwnersOutOfAllOwners", &t.ThresholdPercentageOfPermanentOwnersOutOfAllOwners) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties. +func (t TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + objectMap["alertIncidentType"] = "TooManyPermanentOwnersAssignedToResourceAlertIncident" + populate(objectMap, "assigneeName", t.AssigneeName) + populate(objectMap, "assigneeType", t.AssigneeType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties. +func (t *TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "alertIncidentType": + err = unpopulate(val, "AlertIncidentType", &t.AlertIncidentType) + delete(rawMsg, key) + case "assigneeName": + err = unpopulate(val, "AssigneeName", &t.AssigneeName) + delete(rawMsg, key) + case "assigneeType": + err = unpopulate(val, "AssigneeType", &t.AssigneeType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", t, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type UserSet. +func (u UserSet) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "description", u.Description) + populate(objectMap, "id", u.ID) + populate(objectMap, "isBackup", u.IsBackup) + populate(objectMap, "userType", u.UserType) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type UserSet. +func (u *UserSet) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "description": + err = unpopulate(val, "Description", &u.Description) + delete(rawMsg, key) + case "id": + err = unpopulate(val, "ID", &u.ID) + delete(rawMsg, key) + case "isBackup": + err = unpopulate(val, "IsBackup", &u.IsBackup) + delete(rawMsg, key) + case "userType": + err = unpopulate(val, "UserType", &u.UserType) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", u, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ValidationResponse. +func (v ValidationResponse) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "errorInfo", v.ErrorInfo) + populate(objectMap, "isValid", v.IsValid) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ValidationResponse. +func (v *ValidationResponse) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", v, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "errorInfo": + err = unpopulate(val, "ErrorInfo", &v.ErrorInfo) + delete(rawMsg, key) + case "isValid": + err = unpopulate(val, "IsValid", &v.IsValid) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", v, err) + } + } + return nil +} + +// MarshalJSON implements the json.Marshaller interface for type ValidationResponseErrorInfo. +func (v ValidationResponseErrorInfo) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]any) + populate(objectMap, "code", v.Code) + populate(objectMap, "message", v.Message) + return json.Marshal(objectMap) +} + +// UnmarshalJSON implements the json.Unmarshaller interface for type ValidationResponseErrorInfo. +func (v *ValidationResponseErrorInfo) UnmarshalJSON(data []byte) error { + var rawMsg map[string]json.RawMessage + if err := json.Unmarshal(data, &rawMsg); err != nil { + return fmt.Errorf("unmarshalling type %T: %v", v, err) + } + for key, val := range rawMsg { + var err error + switch key { + case "code": + err = unpopulate(val, "Code", &v.Code) + delete(rawMsg, key) + case "message": + err = unpopulate(val, "Message", &v.Message) + delete(rawMsg, key) + } + if err != nil { + return fmt.Errorf("unmarshalling type %T: %v", v, err) + } + } + return nil +} + +func populate(m map[string]any, k string, v any) { + if v == nil { + return + } else if azcore.IsNullValue(v) { + m[k] = nil + } else if !reflect.ValueOf(v).IsNil() { + m[k] = v + } +} + +func populateAny(m map[string]any, k string, v any) { + if v == nil { + return + } else if azcore.IsNullValue(v) { + m[k] = nil + } else { + m[k] = v + } +} + +func unpopulate(data json.RawMessage, fn string, v any) error { + if data == nil { + return nil + } + if err := json.Unmarshal(data, v); err != nil { + return fmt.Errorf("struct field %s: %v", fn, err) + } + return nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/operations_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/operations_client.go new file mode 100644 index 00000000000..54ea9d38d7a --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/operations_client.go @@ -0,0 +1,88 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" +) + +// OperationsClient contains the methods for the Operations group. +// Don't use this type directly, use NewOperationsClient() instead. +type OperationsClient struct { + internal *arm.Client +} + +// NewOperationsClient creates a new instance of OperationsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewOperationsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*OperationsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &OperationsClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Lists the operations available from this provider. +// +// Generated from API version 2021-12-01-preview +// - options - OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. +func (client *OperationsClient) NewListPager(options *OperationsClientListOptions) *runtime.Pager[OperationsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[OperationsClientListResponse]{ + More: func(page OperationsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *OperationsClientListResponse) (OperationsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "OperationsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return OperationsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *OperationsClient) listCreateRequest(ctx context.Context, options *OperationsClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/operations" + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *OperationsClient) listHandleResponse(resp *http.Response) (OperationsClientListResponse, error) { + result := OperationsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.OperationListResult); err != nil { + return OperationsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/options.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/options.go new file mode 100644 index 00000000000..4d8c08f58bb --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/options.go @@ -0,0 +1,851 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +// AccessReviewDefaultSettingsClientGetOptions contains the optional parameters for the AccessReviewDefaultSettingsClient.Get +// method. +type AccessReviewDefaultSettingsClientGetOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewDefaultSettingsClientPutOptions contains the optional parameters for the AccessReviewDefaultSettingsClient.Put +// method. +type AccessReviewDefaultSettingsClientPutOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionClientCreateOptions contains the optional parameters for the AccessReviewHistoryDefinitionClient.Create +// method. +type AccessReviewHistoryDefinitionClientCreateOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionClientDeleteByIDOptions contains the optional parameters for the AccessReviewHistoryDefinitionClient.DeleteByID +// method. +type AccessReviewHistoryDefinitionClientDeleteByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions contains the optional parameters for the AccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI +// method. +type AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionInstancesClientListOptions contains the optional parameters for the AccessReviewHistoryDefinitionInstancesClient.NewListPager +// method. +type AccessReviewHistoryDefinitionInstancesClientListOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionsClientGetByIDOptions contains the optional parameters for the AccessReviewHistoryDefinitionsClient.GetByID +// method. +type AccessReviewHistoryDefinitionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewHistoryDefinitionsClientListOptions contains the optional parameters for the AccessReviewHistoryDefinitionsClient.NewListPager +// method. +type AccessReviewHistoryDefinitionsClientListOptions struct { + // The filter to apply on the operation. Only standard filters on definition name and created date are supported + Filter *string +} + +// AccessReviewInstanceClientAcceptRecommendationsOptions contains the optional parameters for the AccessReviewInstanceClient.AcceptRecommendations +// method. +type AccessReviewInstanceClientAcceptRecommendationsOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceClientApplyDecisionsOptions contains the optional parameters for the AccessReviewInstanceClient.ApplyDecisions +// method. +type AccessReviewInstanceClientApplyDecisionsOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceClientResetDecisionsOptions contains the optional parameters for the AccessReviewInstanceClient.ResetDecisions +// method. +type AccessReviewInstanceClientResetDecisionsOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceClientSendRemindersOptions contains the optional parameters for the AccessReviewInstanceClient.SendReminders +// method. +type AccessReviewInstanceClientSendRemindersOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceClientStopOptions contains the optional parameters for the AccessReviewInstanceClient.Stop method. +type AccessReviewInstanceClientStopOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the AccessReviewInstanceContactedReviewersClient.NewListPager +// method. +type AccessReviewInstanceContactedReviewersClientListOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceDecisionsClientListOptions contains the optional parameters for the AccessReviewInstanceDecisionsClient.NewListPager +// method. +type AccessReviewInstanceDecisionsClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewInstanceMyDecisionsClientGetByIDOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.GetByID +// method. +type AccessReviewInstanceMyDecisionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstanceMyDecisionsClientListOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.NewListPager +// method. +type AccessReviewInstanceMyDecisionsClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewInstanceMyDecisionsClientPatchOptions contains the optional parameters for the AccessReviewInstanceMyDecisionsClient.Patch +// method. +type AccessReviewInstanceMyDecisionsClientPatchOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions contains the optional parameters for the AccessReviewInstancesAssignedForMyApprovalClient.GetByID +// method. +type AccessReviewInstancesAssignedForMyApprovalClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstancesAssignedForMyApprovalClientListOptions contains the optional parameters for the AccessReviewInstancesAssignedForMyApprovalClient.NewListPager +// method. +type AccessReviewInstancesAssignedForMyApprovalClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewInstancesClientCreateOptions contains the optional parameters for the AccessReviewInstancesClient.Create method. +type AccessReviewInstancesClientCreateOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstancesClientGetByIDOptions contains the optional parameters for the AccessReviewInstancesClient.GetByID +// method. +type AccessReviewInstancesClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewInstancesClientListOptions contains the optional parameters for the AccessReviewInstancesClient.NewListPager +// method. +type AccessReviewInstancesClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions contains the optional parameters for the AccessReviewScheduleDefinitionsAssignedForMyApprovalClient.NewListPager +// method. +type AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.CreateOrUpdateByID +// method. +type AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewScheduleDefinitionsClientDeleteByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.DeleteByID +// method. +type AccessReviewScheduleDefinitionsClientDeleteByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewScheduleDefinitionsClientGetByIDOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.GetByID +// method. +type AccessReviewScheduleDefinitionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// AccessReviewScheduleDefinitionsClientListOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.NewListPager +// method. +type AccessReviewScheduleDefinitionsClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// AccessReviewScheduleDefinitionsClientStopOptions contains the optional parameters for the AccessReviewScheduleDefinitionsClient.Stop +// method. +type AccessReviewScheduleDefinitionsClientStopOptions struct { + // placeholder for future optional parameters +} + +// AlertConfigurationsClientGetOptions contains the optional parameters for the AlertConfigurationsClient.Get method. +type AlertConfigurationsClientGetOptions struct { + // placeholder for future optional parameters +} + +// AlertConfigurationsClientListForScopeOptions contains the optional parameters for the AlertConfigurationsClient.NewListForScopePager +// method. +type AlertConfigurationsClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// AlertConfigurationsClientUpdateOptions contains the optional parameters for the AlertConfigurationsClient.Update method. +type AlertConfigurationsClientUpdateOptions struct { + // placeholder for future optional parameters +} + +// AlertDefinitionsClientGetOptions contains the optional parameters for the AlertDefinitionsClient.Get method. +type AlertDefinitionsClientGetOptions struct { + // placeholder for future optional parameters +} + +// AlertDefinitionsClientListForScopeOptions contains the optional parameters for the AlertDefinitionsClient.NewListForScopePager +// method. +type AlertDefinitionsClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// AlertIncidentsClientGetOptions contains the optional parameters for the AlertIncidentsClient.Get method. +type AlertIncidentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// AlertIncidentsClientListForScopeOptions contains the optional parameters for the AlertIncidentsClient.NewListForScopePager +// method. +type AlertIncidentsClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// AlertIncidentsClientRemediateOptions contains the optional parameters for the AlertIncidentsClient.Remediate method. +type AlertIncidentsClientRemediateOptions struct { + // placeholder for future optional parameters +} + +// AlertOperationClientGetOptions contains the optional parameters for the AlertOperationClient.Get method. +type AlertOperationClientGetOptions struct { + // placeholder for future optional parameters +} + +// AlertsClientBeginRefreshAllOptions contains the optional parameters for the AlertsClient.BeginRefreshAll method. +type AlertsClientBeginRefreshAllOptions struct { + // Resumes the LRO from the provided token. + ResumeToken string +} + +// AlertsClientBeginRefreshOptions contains the optional parameters for the AlertsClient.BeginRefresh method. +type AlertsClientBeginRefreshOptions struct { + // Resumes the LRO from the provided token. + ResumeToken string +} + +// AlertsClientGetOptions contains the optional parameters for the AlertsClient.Get method. +type AlertsClientGetOptions struct { + // placeholder for future optional parameters +} + +// AlertsClientListForScopeOptions contains the optional parameters for the AlertsClient.NewListForScopePager method. +type AlertsClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// AlertsClientUpdateOptions contains the optional parameters for the AlertsClient.Update method. +type AlertsClientUpdateOptions struct { + // placeholder for future optional parameters +} + +// ClassicAdministratorsClientListOptions contains the optional parameters for the ClassicAdministratorsClient.NewListPager +// method. +type ClassicAdministratorsClientListOptions struct { + // placeholder for future optional parameters +} + +// DenyAssignmentsClientGetByIDOptions contains the optional parameters for the DenyAssignmentsClient.GetByID method. +type DenyAssignmentsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// DenyAssignmentsClientGetOptions contains the optional parameters for the DenyAssignmentsClient.Get method. +type DenyAssignmentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// DenyAssignmentsClientListForResourceGroupOptions contains the optional parameters for the DenyAssignmentsClient.NewListForResourceGroupPager +// method. +type DenyAssignmentsClientListForResourceGroupOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName + // eq '{name}' to search deny assignments by name at + // specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the + // specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all + // deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId + // filter as it returns not only those deny assignments that contain the + // specified principal is the Principals list but also those deny assignments that contain the specified principal is the + // ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, + // only the deny assignment name and description properties are returned. + Filter *string +} + +// DenyAssignmentsClientListForResourceOptions contains the optional parameters for the DenyAssignmentsClient.NewListForResourcePager +// method. +type DenyAssignmentsClientListForResourceOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName + // eq '{name}' to search deny assignments by name at + // specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the + // specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all + // deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId + // filter as it returns not only those deny assignments that contain the + // specified principal is the Principals list but also those deny assignments that contain the specified principal is the + // ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, + // only the deny assignment name and description properties are returned. + Filter *string +} + +// DenyAssignmentsClientListForScopeOptions contains the optional parameters for the DenyAssignmentsClient.NewListForScopePager +// method. +type DenyAssignmentsClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName + // eq '{name}' to search deny assignments by name at + // specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the + // specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all + // deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId + // filter as it returns not only those deny assignments that contain the + // specified principal is the Principals list but also those deny assignments that contain the specified principal is the + // ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, + // only the deny assignment name and description properties are returned. + Filter *string +} + +// DenyAssignmentsClientListOptions contains the optional parameters for the DenyAssignmentsClient.NewListPager method. +type DenyAssignmentsClientListOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName + // eq '{name}' to search deny assignments by name at + // specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the + // specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all + // deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId + // filter as it returns not only those deny assignments that contain the + // specified principal is the Principals list but also those deny assignments that contain the specified principal is the + // ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, + // only the deny assignment name and description properties are returned. + Filter *string +} + +// EligibleChildResourcesClientGetOptions contains the optional parameters for the EligibleChildResourcesClient.NewGetPager +// method. +type EligibleChildResourcesClientGetOptions struct { + // The filter to apply on the operation. Use $filter=resourceType+eq+'Subscription' to filter on only resource of type = 'Subscription'. + // Use + // $filter=resourceType+eq+'subscription'+or+resourceType+eq+'resourcegroup' to filter on resource of type = 'Subscription' + // or 'ResourceGroup' + Filter *string +} + +// GlobalAdministratorClientElevateAccessOptions contains the optional parameters for the GlobalAdministratorClient.ElevateAccess +// method. +type GlobalAdministratorClientElevateAccessOptions struct { + // placeholder for future optional parameters +} + +// OperationsClientListOptions contains the optional parameters for the OperationsClient.NewListPager method. +type OperationsClientListOptions struct { + // placeholder for future optional parameters +} + +// PermissionsClientListForResourceGroupOptions contains the optional parameters for the PermissionsClient.NewListForResourceGroupPager +// method. +type PermissionsClientListForResourceGroupOptions struct { + // placeholder for future optional parameters +} + +// PermissionsClientListForResourceOptions contains the optional parameters for the PermissionsClient.NewListForResourcePager +// method. +type PermissionsClientListForResourceOptions struct { + // placeholder for future optional parameters +} + +// ProviderOperationsMetadataClientGetOptions contains the optional parameters for the ProviderOperationsMetadataClient.Get +// method. +type ProviderOperationsMetadataClientGetOptions struct { + // Specifies whether to expand the values. + Expand *string +} + +// ProviderOperationsMetadataClientListOptions contains the optional parameters for the ProviderOperationsMetadataClient.NewListPager +// method. +type ProviderOperationsMetadataClientListOptions struct { + // Specifies whether to expand the values. + Expand *string +} + +// RoleAssignmentScheduleInstancesClientGetOptions contains the optional parameters for the RoleAssignmentScheduleInstancesClient.Get +// method. +type RoleAssignmentScheduleInstancesClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentScheduleInstancesClientListForScopeOptions contains the optional parameters for the RoleAssignmentScheduleInstancesClient.NewListForScopePager +// method. +type RoleAssignmentScheduleInstancesClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. + // Use $filter=principalId eq {id} to return all role assignment schedules at, + // above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment + // schedule instances for the user. Use $filter=asTarget() to return all role + // assignment schedule instances created for the current user. + Filter *string +} + +// RoleAssignmentScheduleRequestsClientCancelOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Cancel +// method. +type RoleAssignmentScheduleRequestsClientCancelOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentScheduleRequestsClientCreateOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Create +// method. +type RoleAssignmentScheduleRequestsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentScheduleRequestsClientGetOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Get +// method. +type RoleAssignmentScheduleRequestsClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentScheduleRequestsClientListForScopeOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.NewListForScopePager +// method. +type RoleAssignmentScheduleRequestsClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedule requests at or above + // the scope. Use $filter=principalId eq {id} to return all role assignment + // schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role + // assignment schedule requests requested by the current user. Use + // $filter=asTarget() to return all role assignment schedule requests created for the current user. Use $filter=asApprover() + // to return all role assignment schedule requests where the current user is an + // approver. + Filter *string +} + +// RoleAssignmentScheduleRequestsClientValidateOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Validate +// method. +type RoleAssignmentScheduleRequestsClientValidateOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentSchedulesClientGetOptions contains the optional parameters for the RoleAssignmentSchedulesClient.Get method. +type RoleAssignmentSchedulesClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentSchedulesClientListForScopeOptions contains the optional parameters for the RoleAssignmentSchedulesClient.NewListForScopePager +// method. +type RoleAssignmentSchedulesClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. + // Use $filter=principalId eq {id} to return all role assignment schedules at, + // above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment + // schedules for the current user. Use $filter=asTarget() to return all role + // assignment schedules created for the current user. + Filter *string +} + +// RoleAssignmentsClientCreateByIDOptions contains the optional parameters for the RoleAssignmentsClient.CreateByID method. +type RoleAssignmentsClientCreateByIDOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentsClientCreateOptions contains the optional parameters for the RoleAssignmentsClient.Create method. +type RoleAssignmentsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// RoleAssignmentsClientDeleteByIDOptions contains the optional parameters for the RoleAssignmentsClient.DeleteByID method. +type RoleAssignmentsClientDeleteByIDOptions struct { + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientDeleteOptions contains the optional parameters for the RoleAssignmentsClient.Delete method. +type RoleAssignmentsClientDeleteOptions struct { + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientGetByIDOptions contains the optional parameters for the RoleAssignmentsClient.GetByID method. +type RoleAssignmentsClientGetByIDOptions struct { + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientGetOptions contains the optional parameters for the RoleAssignmentsClient.Get method. +type RoleAssignmentsClientGetOptions struct { + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientListForResourceGroupOptions contains the optional parameters for the RoleAssignmentsClient.NewListForResourceGroupPager +// method. +type RoleAssignmentsClientListForResourceGroupOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId + // eq {id} to return all role assignments at, above or below the + // scope for the specified principal. + Filter *string + + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientListForResourceOptions contains the optional parameters for the RoleAssignmentsClient.NewListForResourcePager +// method. +type RoleAssignmentsClientListForResourceOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId + // eq {id} to return all role assignments at, above or below the + // scope for the specified principal. + Filter *string + + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientListForScopeOptions contains the optional parameters for the RoleAssignmentsClient.NewListForScopePager +// method. +type RoleAssignmentsClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId + // eq {id} to return all role assignments at, above or below the + // scope for the specified principal. + Filter *string + + // The skipToken to apply on the operation. Use $skipToken={skiptoken} to return paged role assignments following the skipToken + // passed. Only supported on provider level calls. + SkipToken *string + + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleAssignmentsClientListForSubscriptionOptions contains the optional parameters for the RoleAssignmentsClient.NewListForSubscriptionPager +// method. +type RoleAssignmentsClientListForSubscriptionOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId + // eq {id} to return all role assignments at, above or below the + // scope for the specified principal. + Filter *string + + // Tenant ID for cross-tenant request + TenantID *string +} + +// RoleDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the RoleDefinitionsClient.CreateOrUpdate +// method. +type RoleDefinitionsClientCreateOrUpdateOptions struct { + // placeholder for future optional parameters +} + +// RoleDefinitionsClientDeleteOptions contains the optional parameters for the RoleDefinitionsClient.Delete method. +type RoleDefinitionsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// RoleDefinitionsClientGetByIDOptions contains the optional parameters for the RoleDefinitionsClient.GetByID method. +type RoleDefinitionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// RoleDefinitionsClientGetOptions contains the optional parameters for the RoleDefinitionsClient.Get method. +type RoleDefinitionsClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleDefinitionsClientListOptions contains the optional parameters for the RoleDefinitionsClient.NewListPager method. +type RoleDefinitionsClientListOptions struct { + // The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well. + Filter *string +} + +// RoleEligibilityScheduleInstancesClientGetOptions contains the optional parameters for the RoleEligibilityScheduleInstancesClient.Get +// method. +type RoleEligibilityScheduleInstancesClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilityScheduleInstancesClientListForScopeOptions contains the optional parameters for the RoleEligibilityScheduleInstancesClient.NewListForScopePager +// method. +type RoleEligibilityScheduleInstancesClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. + // Use $filter=principalId eq {id} to return all role assignment schedules at, + // above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility + // schedules for the user. Use $filter=asTarget() to return all role eligibility + // schedules created for the current user. + Filter *string +} + +// RoleEligibilityScheduleRequestsClientCancelOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Cancel +// method. +type RoleEligibilityScheduleRequestsClientCancelOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilityScheduleRequestsClientCreateOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Create +// method. +type RoleEligibilityScheduleRequestsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilityScheduleRequestsClientGetOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Get +// method. +type RoleEligibilityScheduleRequestsClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilityScheduleRequestsClientListForScopeOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.NewListForScopePager +// method. +type RoleEligibilityScheduleRequestsClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above + // the scope. Use $filter=principalId eq {id} to return all role eligibility + // schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role + // eligibility schedule requests requested by the current user. Use + // $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() + // to return all role eligibility schedule requests where the current user is an + // approver. + Filter *string +} + +// RoleEligibilityScheduleRequestsClientValidateOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Validate +// method. +type RoleEligibilityScheduleRequestsClientValidateOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilitySchedulesClientGetOptions contains the optional parameters for the RoleEligibilitySchedulesClient.Get method. +type RoleEligibilitySchedulesClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleEligibilitySchedulesClientListForScopeOptions contains the optional parameters for the RoleEligibilitySchedulesClient.NewListForScopePager +// method. +type RoleEligibilitySchedulesClientListForScopeOptions struct { + // The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. + // Use $filter=principalId eq {id} to return all role eligibility schedules at, + // above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility + // schedules for the user. Use $filter=asTarget() to return all role eligibility + // schedules created for the current user. + Filter *string +} + +// RoleManagementPoliciesClientDeleteOptions contains the optional parameters for the RoleManagementPoliciesClient.Delete +// method. +type RoleManagementPoliciesClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPoliciesClientGetOptions contains the optional parameters for the RoleManagementPoliciesClient.Get method. +type RoleManagementPoliciesClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPoliciesClientListForScopeOptions contains the optional parameters for the RoleManagementPoliciesClient.NewListForScopePager +// method. +type RoleManagementPoliciesClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPoliciesClientUpdateOptions contains the optional parameters for the RoleManagementPoliciesClient.Update +// method. +type RoleManagementPoliciesClientUpdateOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPolicyAssignmentsClientCreateOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Create +// method. +type RoleManagementPolicyAssignmentsClientCreateOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPolicyAssignmentsClientDeleteOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Delete +// method. +type RoleManagementPolicyAssignmentsClientDeleteOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPolicyAssignmentsClientGetOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Get +// method. +type RoleManagementPolicyAssignmentsClientGetOptions struct { + // placeholder for future optional parameters +} + +// RoleManagementPolicyAssignmentsClientListForScopeOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.NewListForScopePager +// method. +type RoleManagementPolicyAssignmentsClientListForScopeOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewDefaultSettingsClientGetOptions contains the optional parameters for the ScopeAccessReviewDefaultSettingsClient.Get +// method. +type ScopeAccessReviewDefaultSettingsClientGetOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewDefaultSettingsClientPutOptions contains the optional parameters for the ScopeAccessReviewDefaultSettingsClient.Put +// method. +type ScopeAccessReviewDefaultSettingsClientPutOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionClientCreateOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionClient.Create +// method. +type ScopeAccessReviewHistoryDefinitionClientCreateOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionClient.DeleteByID +// method. +type ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI +// method. +type ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionInstancesClientListOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionInstancesClient.NewListPager +// method. +type ScopeAccessReviewHistoryDefinitionInstancesClientListOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionsClient.GetByID +// method. +type ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewHistoryDefinitionsClientListOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionsClient.NewListPager +// method. +type ScopeAccessReviewHistoryDefinitionsClientListOptions struct { + // The filter to apply on the operation. Only standard filters on definition name and created date are supported + Filter *string +} + +// ScopeAccessReviewInstanceClientApplyDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.ApplyDecisions +// method. +type ScopeAccessReviewInstanceClientApplyDecisionsOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceClientRecordAllDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.RecordAllDecisions +// method. +type ScopeAccessReviewInstanceClientRecordAllDecisionsOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceClientResetDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.ResetDecisions +// method. +type ScopeAccessReviewInstanceClientResetDecisionsOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceClientSendRemindersOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.SendReminders +// method. +type ScopeAccessReviewInstanceClientSendRemindersOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceClientStopOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.Stop +// method. +type ScopeAccessReviewInstanceClientStopOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the ScopeAccessReviewInstanceContactedReviewersClient.NewListPager +// method. +type ScopeAccessReviewInstanceContactedReviewersClientListOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstanceDecisionsClientListOptions contains the optional parameters for the ScopeAccessReviewInstanceDecisionsClient.NewListPager +// method. +type ScopeAccessReviewInstanceDecisionsClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// ScopeAccessReviewInstancesClientCreateOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.Create +// method. +type ScopeAccessReviewInstancesClientCreateOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstancesClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.GetByID +// method. +type ScopeAccessReviewInstancesClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewInstancesClientListOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.NewListPager +// method. +type ScopeAccessReviewInstancesClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.CreateOrUpdateByID +// method. +type ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.DeleteByID +// method. +type ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.GetByID +// method. +type ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions struct { + // placeholder for future optional parameters +} + +// ScopeAccessReviewScheduleDefinitionsClientListOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.NewListPager +// method. +type ScopeAccessReviewScheduleDefinitionsClientListOptions struct { + // The filter to apply on the operation. Other than standard filters, one custom filter option is supported : 'assignedToMeToReview()'. + // When one specified $filter=assignedToMeToReview(), only items that + // are assigned to the calling user to review are returned + Filter *string +} + +// ScopeAccessReviewScheduleDefinitionsClientStopOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.Stop +// method. +type ScopeAccessReviewScheduleDefinitionsClientStopOptions struct { + // placeholder for future optional parameters +} + +// TenantLevelAccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the TenantLevelAccessReviewInstanceContactedReviewersClient.NewListPager +// method. +type TenantLevelAccessReviewInstanceContactedReviewersClientListOptions struct { + // placeholder for future optional parameters +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/permissions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/permissions_client.go new file mode 100644 index 00000000000..8b2a427d455 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/permissions_client.go @@ -0,0 +1,175 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// PermissionsClient contains the methods for the Permissions group. +// Don't use this type directly, use NewPermissionsClient() instead. +type PermissionsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewPermissionsClient creates a new instance of PermissionsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewPermissionsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*PermissionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &PermissionsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// NewListForResourcePager - Gets all permissions the caller has for a resource. +// +// Generated from API version 2022-05-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - resourceProviderNamespace - The namespace of the resource provider. +// - parentResourcePath - The parent resource identity. +// - resourceType - The resource type of the resource. +// - resourceName - The name of the resource to get the permissions for. +// - options - PermissionsClientListForResourceOptions contains the optional parameters for the PermissionsClient.NewListForResourcePager +// method. +func (client *PermissionsClient) NewListForResourcePager(resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, options *PermissionsClientListForResourceOptions) *runtime.Pager[PermissionsClientListForResourceResponse] { + return runtime.NewPager(runtime.PagingHandler[PermissionsClientListForResourceResponse]{ + More: func(page PermissionsClientListForResourceResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *PermissionsClientListForResourceResponse) (PermissionsClientListForResourceResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "PermissionsClient.NewListForResourcePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceCreateRequest(ctx, resourceGroupName, resourceProviderNamespace, parentResourcePath, resourceType, resourceName, options) + }, nil) + if err != nil { + return PermissionsClientListForResourceResponse{}, err + } + return client.listForResourceHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceCreateRequest creates the ListForResource request. +func (client *PermissionsClient) listForResourceCreateRequest(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, options *PermissionsClientListForResourceOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions" + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", resourceProviderNamespace) + urlPath = strings.ReplaceAll(urlPath, "{parentResourcePath}", parentResourcePath) + urlPath = strings.ReplaceAll(urlPath, "{resourceType}", resourceType) + if resourceName == "" { + return nil, errors.New("parameter resourceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceName}", url.PathEscape(resourceName)) + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceHandleResponse handles the ListForResource response. +func (client *PermissionsClient) listForResourceHandleResponse(resp *http.Response) (PermissionsClientListForResourceResponse, error) { + result := PermissionsClientListForResourceResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PermissionGetResult); err != nil { + return PermissionsClientListForResourceResponse{}, err + } + return result, nil +} + +// NewListForResourceGroupPager - Gets all permissions the caller has for a resource group. +// +// Generated from API version 2022-05-01-preview +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - options - PermissionsClientListForResourceGroupOptions contains the optional parameters for the PermissionsClient.NewListForResourceGroupPager +// method. +func (client *PermissionsClient) NewListForResourceGroupPager(resourceGroupName string, options *PermissionsClientListForResourceGroupOptions) *runtime.Pager[PermissionsClientListForResourceGroupResponse] { + return runtime.NewPager(runtime.PagingHandler[PermissionsClientListForResourceGroupResponse]{ + More: func(page PermissionsClientListForResourceGroupResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *PermissionsClientListForResourceGroupResponse) (PermissionsClientListForResourceGroupResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "PermissionsClient.NewListForResourceGroupPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceGroupCreateRequest(ctx, resourceGroupName, options) + }, nil) + if err != nil { + return PermissionsClientListForResourceGroupResponse{}, err + } + return client.listForResourceGroupHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceGroupCreateRequest creates the ListForResourceGroup request. +func (client *PermissionsClient) listForResourceGroupCreateRequest(ctx context.Context, resourceGroupName string, options *PermissionsClientListForResourceGroupOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions" + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceGroupHandleResponse handles the ListForResourceGroup response. +func (client *PermissionsClient) listForResourceGroupHandleResponse(resp *http.Response) (PermissionsClientListForResourceGroupResponse, error) { + result := PermissionsClientListForResourceGroupResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.PermissionGetResult); err != nil { + return PermissionsClientListForResourceGroupResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/polymorphic_helpers.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/polymorphic_helpers.go new file mode 100644 index 00000000000..696fca1e693 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/polymorphic_helpers.go @@ -0,0 +1,157 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import "encoding/json" + +func unmarshalAccessReviewDecisionIdentityClassification(rawMsg json.RawMessage) (AccessReviewDecisionIdentityClassification, error) { + if rawMsg == nil { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b AccessReviewDecisionIdentityClassification + switch m["type"] { + case string(DecisionTargetTypeServicePrincipal): + b = &AccessReviewDecisionServicePrincipalIdentity{} + case string(DecisionTargetTypeUser): + b = &AccessReviewDecisionUserIdentity{} + default: + b = &AccessReviewDecisionIdentity{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalAccessReviewDecisionInsightPropertiesClassification(rawMsg json.RawMessage) (AccessReviewDecisionInsightPropertiesClassification, error) { + if rawMsg == nil { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b AccessReviewDecisionInsightPropertiesClassification + switch m["type"] { + case string(AccessReviewDecisionInsightTypeUserSignInInsight): + b = &AccessReviewDecisionUserSignInInsightProperties{} + default: + b = &AccessReviewDecisionInsightProperties{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalAlertConfigurationPropertiesClassification(rawMsg json.RawMessage) (AlertConfigurationPropertiesClassification, error) { + if rawMsg == nil { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b AlertConfigurationPropertiesClassification + switch m["alertConfigurationType"] { + case "AzureRolesAssignedOutsidePimAlertConfiguration": + b = &AzureRolesAssignedOutsidePimAlertConfigurationProperties{} + case "DuplicateRoleCreatedAlertConfiguration": + b = &DuplicateRoleCreatedAlertConfigurationProperties{} + case "TooManyOwnersAssignedToResourceAlertConfiguration": + b = &TooManyOwnersAssignedToResourceAlertConfigurationProperties{} + case "TooManyPermanentOwnersAssignedToResourceAlertConfiguration": + b = &TooManyPermanentOwnersAssignedToResourceAlertConfigurationProperties{} + default: + b = &AlertConfigurationProperties{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalAlertIncidentPropertiesClassification(rawMsg json.RawMessage) (AlertIncidentPropertiesClassification, error) { + if rawMsg == nil { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b AlertIncidentPropertiesClassification + switch m["alertIncidentType"] { + case "AzureRolesAssignedOutsidePimAlertIncident": + b = &AzureRolesAssignedOutsidePimAlertIncidentProperties{} + case "DuplicateRoleCreatedAlertIncident": + b = &DuplicateRoleCreatedAlertIncidentProperties{} + case "TooManyOwnersAssignedToResourceAlertIncident": + b = &TooManyOwnersAssignedToResourceAlertIncidentProperties{} + case "TooManyPermanentOwnersAssignedToResourceAlertIncident": + b = &TooManyPermanentOwnersAssignedToResourceAlertIncidentProperties{} + default: + b = &AlertIncidentProperties{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalRoleManagementPolicyRuleClassification(rawMsg json.RawMessage) (RoleManagementPolicyRuleClassification, error) { + if rawMsg == nil { + return nil, nil + } + var m map[string]any + if err := json.Unmarshal(rawMsg, &m); err != nil { + return nil, err + } + var b RoleManagementPolicyRuleClassification + switch m["ruleType"] { + case string(RoleManagementPolicyRuleTypeRoleManagementPolicyApprovalRule): + b = &RoleManagementPolicyApprovalRule{} + case string(RoleManagementPolicyRuleTypeRoleManagementPolicyAuthenticationContextRule): + b = &RoleManagementPolicyAuthenticationContextRule{} + case string(RoleManagementPolicyRuleTypeRoleManagementPolicyEnablementRule): + b = &RoleManagementPolicyEnablementRule{} + case string(RoleManagementPolicyRuleTypeRoleManagementPolicyExpirationRule): + b = &RoleManagementPolicyExpirationRule{} + case string(RoleManagementPolicyRuleTypeRoleManagementPolicyNotificationRule): + b = &RoleManagementPolicyNotificationRule{} + default: + b = &RoleManagementPolicyRule{} + } + if err := json.Unmarshal(rawMsg, b); err != nil { + return nil, err + } + return b, nil +} + +func unmarshalRoleManagementPolicyRuleClassificationArray(rawMsg json.RawMessage) ([]RoleManagementPolicyRuleClassification, error) { + if rawMsg == nil { + return nil, nil + } + var rawMessages []json.RawMessage + if err := json.Unmarshal(rawMsg, &rawMessages); err != nil { + return nil, err + } + fArray := make([]RoleManagementPolicyRuleClassification, len(rawMessages)) + for index, rawMessage := range rawMessages { + f, err := unmarshalRoleManagementPolicyRuleClassification(rawMessage) + if err != nil { + return nil, err + } + fArray[index] = f + } + return fArray, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/provideroperationsmetadata_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/provideroperationsmetadata_client.go new file mode 100644 index 00000000000..dccd8687a1f --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/provideroperationsmetadata_client.go @@ -0,0 +1,149 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "strings" +) + +// ProviderOperationsMetadataClient contains the methods for the ProviderOperationsMetadata group. +// Don't use this type directly, use NewProviderOperationsMetadataClient() instead. +type ProviderOperationsMetadataClient struct { + internal *arm.Client +} + +// NewProviderOperationsMetadataClient creates a new instance of ProviderOperationsMetadataClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewProviderOperationsMetadataClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ProviderOperationsMetadataClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ProviderOperationsMetadataClient{ + internal: cl, + } + return client, nil +} + +// Get - Gets provider operations metadata for the specified resource provider. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - resourceProviderNamespace - The namespace of the resource provider. +// - options - ProviderOperationsMetadataClientGetOptions contains the optional parameters for the ProviderOperationsMetadataClient.Get +// method. +func (client *ProviderOperationsMetadataClient) Get(ctx context.Context, resourceProviderNamespace string, options *ProviderOperationsMetadataClientGetOptions) (ProviderOperationsMetadataClientGetResponse, error) { + var err error + const operationName = "ProviderOperationsMetadataClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, resourceProviderNamespace, options) + if err != nil { + return ProviderOperationsMetadataClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ProviderOperationsMetadataClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ProviderOperationsMetadataClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ProviderOperationsMetadataClient) getCreateRequest(ctx context.Context, resourceProviderNamespace string, options *ProviderOperationsMetadataClientGetOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}" + urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", resourceProviderNamespace) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Expand != nil { + reqQP.Set("$expand", *options.Expand) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ProviderOperationsMetadataClient) getHandleResponse(resp *http.Response) (ProviderOperationsMetadataClientGetResponse, error) { + result := ProviderOperationsMetadataClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProviderOperationsMetadata); err != nil { + return ProviderOperationsMetadataClientGetResponse{}, err + } + return result, nil +} + +// NewListPager - Gets provider operations metadata for all resource providers. +// +// Generated from API version 2022-04-01 +// - options - ProviderOperationsMetadataClientListOptions contains the optional parameters for the ProviderOperationsMetadataClient.NewListPager +// method. +func (client *ProviderOperationsMetadataClient) NewListPager(options *ProviderOperationsMetadataClientListOptions) *runtime.Pager[ProviderOperationsMetadataClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ProviderOperationsMetadataClientListResponse]{ + More: func(page ProviderOperationsMetadataClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ProviderOperationsMetadataClientListResponse) (ProviderOperationsMetadataClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ProviderOperationsMetadataClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, options) + }, nil) + if err != nil { + return ProviderOperationsMetadataClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ProviderOperationsMetadataClient) listCreateRequest(ctx context.Context, options *ProviderOperationsMetadataClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/providerOperations" + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.Expand != nil { + reqQP.Set("$expand", *options.Expand) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ProviderOperationsMetadataClient) listHandleResponse(resp *http.Response) (ProviderOperationsMetadataClientListResponse, error) { + result := ProviderOperationsMetadataClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.ProviderOperationsMetadataListResult); err != nil { + return ProviderOperationsMetadataClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/response_types.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/response_types.go new file mode 100644 index 00000000000..2c2789c56ff --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/response_types.go @@ -0,0 +1,717 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +// AccessReviewDefaultSettingsClientGetResponse contains the response from method AccessReviewDefaultSettingsClient.Get. +type AccessReviewDefaultSettingsClientGetResponse struct { + // Access Review Default Settings. + AccessReviewDefaultSettings +} + +// AccessReviewDefaultSettingsClientPutResponse contains the response from method AccessReviewDefaultSettingsClient.Put. +type AccessReviewDefaultSettingsClientPutResponse struct { + // Access Review Default Settings. + AccessReviewDefaultSettings +} + +// AccessReviewHistoryDefinitionClientCreateResponse contains the response from method AccessReviewHistoryDefinitionClient.Create. +type AccessReviewHistoryDefinitionClientCreateResponse struct { + // Access Review History Definition. + AccessReviewHistoryDefinition +} + +// AccessReviewHistoryDefinitionClientDeleteByIDResponse contains the response from method AccessReviewHistoryDefinitionClient.DeleteByID. +type AccessReviewHistoryDefinitionClientDeleteByIDResponse struct { + // placeholder for future response values +} + +// AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse contains the response from method AccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI. +type AccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse struct { + // Access Review History Definition Instance. + AccessReviewHistoryInstance +} + +// AccessReviewHistoryDefinitionInstancesClientListResponse contains the response from method AccessReviewHistoryDefinitionInstancesClient.NewListPager. +type AccessReviewHistoryDefinitionInstancesClientListResponse struct { + // List of Access Review History Instances. + AccessReviewHistoryDefinitionInstanceListResult +} + +// AccessReviewHistoryDefinitionsClientGetByIDResponse contains the response from method AccessReviewHistoryDefinitionsClient.GetByID. +type AccessReviewHistoryDefinitionsClientGetByIDResponse struct { + // Access Review History Definition. + AccessReviewHistoryDefinition +} + +// AccessReviewHistoryDefinitionsClientListResponse contains the response from method AccessReviewHistoryDefinitionsClient.NewListPager. +type AccessReviewHistoryDefinitionsClientListResponse struct { + // List of Access Review History Definitions. + AccessReviewHistoryDefinitionListResult +} + +// AccessReviewInstanceClientAcceptRecommendationsResponse contains the response from method AccessReviewInstanceClient.AcceptRecommendations. +type AccessReviewInstanceClientAcceptRecommendationsResponse struct { + // placeholder for future response values +} + +// AccessReviewInstanceClientApplyDecisionsResponse contains the response from method AccessReviewInstanceClient.ApplyDecisions. +type AccessReviewInstanceClientApplyDecisionsResponse struct { + // placeholder for future response values +} + +// AccessReviewInstanceClientResetDecisionsResponse contains the response from method AccessReviewInstanceClient.ResetDecisions. +type AccessReviewInstanceClientResetDecisionsResponse struct { + // placeholder for future response values +} + +// AccessReviewInstanceClientSendRemindersResponse contains the response from method AccessReviewInstanceClient.SendReminders. +type AccessReviewInstanceClientSendRemindersResponse struct { + // placeholder for future response values +} + +// AccessReviewInstanceClientStopResponse contains the response from method AccessReviewInstanceClient.Stop. +type AccessReviewInstanceClientStopResponse struct { + // placeholder for future response values +} + +// AccessReviewInstanceContactedReviewersClientListResponse contains the response from method AccessReviewInstanceContactedReviewersClient.NewListPager. +type AccessReviewInstanceContactedReviewersClientListResponse struct { + // List of access review contacted reviewers. + AccessReviewContactedReviewerListResult +} + +// AccessReviewInstanceDecisionsClientListResponse contains the response from method AccessReviewInstanceDecisionsClient.NewListPager. +type AccessReviewInstanceDecisionsClientListResponse struct { + // List of access review decisions. + AccessReviewDecisionListResult +} + +// AccessReviewInstanceMyDecisionsClientGetByIDResponse contains the response from method AccessReviewInstanceMyDecisionsClient.GetByID. +type AccessReviewInstanceMyDecisionsClientGetByIDResponse struct { + // Access Review. + AccessReviewDecision +} + +// AccessReviewInstanceMyDecisionsClientListResponse contains the response from method AccessReviewInstanceMyDecisionsClient.NewListPager. +type AccessReviewInstanceMyDecisionsClientListResponse struct { + // List of access review decisions. + AccessReviewDecisionListResult +} + +// AccessReviewInstanceMyDecisionsClientPatchResponse contains the response from method AccessReviewInstanceMyDecisionsClient.Patch. +type AccessReviewInstanceMyDecisionsClientPatchResponse struct { + // Access Review. + AccessReviewDecision +} + +// AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse contains the response from method AccessReviewInstancesAssignedForMyApprovalClient.GetByID. +type AccessReviewInstancesAssignedForMyApprovalClientGetByIDResponse struct { + // Access Review Instance. + AccessReviewInstance +} + +// AccessReviewInstancesAssignedForMyApprovalClientListResponse contains the response from method AccessReviewInstancesAssignedForMyApprovalClient.NewListPager. +type AccessReviewInstancesAssignedForMyApprovalClientListResponse struct { + // List of Access Review Instances. + AccessReviewInstanceListResult +} + +// AccessReviewInstancesClientCreateResponse contains the response from method AccessReviewInstancesClient.Create. +type AccessReviewInstancesClientCreateResponse struct { + // Access Review Instance. + AccessReviewInstance +} + +// AccessReviewInstancesClientGetByIDResponse contains the response from method AccessReviewInstancesClient.GetByID. +type AccessReviewInstancesClientGetByIDResponse struct { + // Access Review Instance. + AccessReviewInstance +} + +// AccessReviewInstancesClientListResponse contains the response from method AccessReviewInstancesClient.NewListPager. +type AccessReviewInstancesClientListResponse struct { + // List of Access Review Instances. + AccessReviewInstanceListResult +} + +// AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse contains the response from method AccessReviewScheduleDefinitionsAssignedForMyApprovalClient.NewListPager. +type AccessReviewScheduleDefinitionsAssignedForMyApprovalClientListResponse struct { + // List of Access Review Schedule Definitions. + AccessReviewScheduleDefinitionListResult +} + +// AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse contains the response from method AccessReviewScheduleDefinitionsClient.CreateOrUpdateByID. +type AccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse struct { + // Access Review Schedule Definition. + AccessReviewScheduleDefinition +} + +// AccessReviewScheduleDefinitionsClientDeleteByIDResponse contains the response from method AccessReviewScheduleDefinitionsClient.DeleteByID. +type AccessReviewScheduleDefinitionsClientDeleteByIDResponse struct { + // placeholder for future response values +} + +// AccessReviewScheduleDefinitionsClientGetByIDResponse contains the response from method AccessReviewScheduleDefinitionsClient.GetByID. +type AccessReviewScheduleDefinitionsClientGetByIDResponse struct { + // Access Review Schedule Definition. + AccessReviewScheduleDefinition +} + +// AccessReviewScheduleDefinitionsClientListResponse contains the response from method AccessReviewScheduleDefinitionsClient.NewListPager. +type AccessReviewScheduleDefinitionsClientListResponse struct { + // List of Access Review Schedule Definitions. + AccessReviewScheduleDefinitionListResult +} + +// AccessReviewScheduleDefinitionsClientStopResponse contains the response from method AccessReviewScheduleDefinitionsClient.Stop. +type AccessReviewScheduleDefinitionsClientStopResponse struct { + // placeholder for future response values +} + +// AlertConfigurationsClientGetResponse contains the response from method AlertConfigurationsClient.Get. +type AlertConfigurationsClientGetResponse struct { + // Alert configuration. + AlertConfiguration +} + +// AlertConfigurationsClientListForScopeResponse contains the response from method AlertConfigurationsClient.NewListForScopePager. +type AlertConfigurationsClientListForScopeResponse struct { + // Alert configuration list operation result. + AlertConfigurationListResult +} + +// AlertConfigurationsClientUpdateResponse contains the response from method AlertConfigurationsClient.Update. +type AlertConfigurationsClientUpdateResponse struct { + // placeholder for future response values +} + +// AlertDefinitionsClientGetResponse contains the response from method AlertDefinitionsClient.Get. +type AlertDefinitionsClientGetResponse struct { + // Alert definition + AlertDefinition +} + +// AlertDefinitionsClientListForScopeResponse contains the response from method AlertDefinitionsClient.NewListForScopePager. +type AlertDefinitionsClientListForScopeResponse struct { + // Alert definition list operation result. + AlertDefinitionListResult +} + +// AlertIncidentsClientGetResponse contains the response from method AlertIncidentsClient.Get. +type AlertIncidentsClientGetResponse struct { + // Alert incident + AlertIncident +} + +// AlertIncidentsClientListForScopeResponse contains the response from method AlertIncidentsClient.NewListForScopePager. +type AlertIncidentsClientListForScopeResponse struct { + // Alert incident list operation result. + AlertIncidentListResult +} + +// AlertIncidentsClientRemediateResponse contains the response from method AlertIncidentsClient.Remediate. +type AlertIncidentsClientRemediateResponse struct { + // placeholder for future response values +} + +// AlertOperationClientGetResponse contains the response from method AlertOperationClient.Get. +type AlertOperationClientGetResponse struct { + // Alert operation result + AlertOperationResult +} + +// AlertsClientGetResponse contains the response from method AlertsClient.Get. +type AlertsClientGetResponse struct { + // The alert. + Alert +} + +// AlertsClientListForScopeResponse contains the response from method AlertsClient.NewListForScopePager. +type AlertsClientListForScopeResponse struct { + // Alert list operation result. + AlertListResult +} + +// AlertsClientRefreshAllResponse contains the response from method AlertsClient.BeginRefreshAll. +type AlertsClientRefreshAllResponse struct { + // Alert operation result + AlertOperationResult +} + +// AlertsClientRefreshResponse contains the response from method AlertsClient.BeginRefresh. +type AlertsClientRefreshResponse struct { + // Alert operation result + AlertOperationResult +} + +// AlertsClientUpdateResponse contains the response from method AlertsClient.Update. +type AlertsClientUpdateResponse struct { + // placeholder for future response values +} + +// ClassicAdministratorsClientListResponse contains the response from method ClassicAdministratorsClient.NewListPager. +type ClassicAdministratorsClientListResponse struct { + // ClassicAdministrator list result information. + ClassicAdministratorListResult +} + +// DenyAssignmentsClientGetByIDResponse contains the response from method DenyAssignmentsClient.GetByID. +type DenyAssignmentsClientGetByIDResponse struct { + // Deny Assignment + DenyAssignment +} + +// DenyAssignmentsClientGetResponse contains the response from method DenyAssignmentsClient.Get. +type DenyAssignmentsClientGetResponse struct { + // Deny Assignment + DenyAssignment +} + +// DenyAssignmentsClientListForResourceGroupResponse contains the response from method DenyAssignmentsClient.NewListForResourceGroupPager. +type DenyAssignmentsClientListForResourceGroupResponse struct { + // Deny assignment list operation result. + DenyAssignmentListResult +} + +// DenyAssignmentsClientListForResourceResponse contains the response from method DenyAssignmentsClient.NewListForResourcePager. +type DenyAssignmentsClientListForResourceResponse struct { + // Deny assignment list operation result. + DenyAssignmentListResult +} + +// DenyAssignmentsClientListForScopeResponse contains the response from method DenyAssignmentsClient.NewListForScopePager. +type DenyAssignmentsClientListForScopeResponse struct { + // Deny assignment list operation result. + DenyAssignmentListResult +} + +// DenyAssignmentsClientListResponse contains the response from method DenyAssignmentsClient.NewListPager. +type DenyAssignmentsClientListResponse struct { + // Deny assignment list operation result. + DenyAssignmentListResult +} + +// EligibleChildResourcesClientGetResponse contains the response from method EligibleChildResourcesClient.NewGetPager. +type EligibleChildResourcesClientGetResponse struct { + // Eligible child resources list operation result. + EligibleChildResourcesListResult +} + +// GlobalAdministratorClientElevateAccessResponse contains the response from method GlobalAdministratorClient.ElevateAccess. +type GlobalAdministratorClientElevateAccessResponse struct { + // placeholder for future response values +} + +// OperationsClientListResponse contains the response from method OperationsClient.NewListPager. +type OperationsClientListResponse struct { + // The result of a request to list Microsoft.Authorization operations. + OperationListResult +} + +// PermissionsClientListForResourceGroupResponse contains the response from method PermissionsClient.NewListForResourceGroupPager. +type PermissionsClientListForResourceGroupResponse struct { + // Permissions information. + PermissionGetResult +} + +// PermissionsClientListForResourceResponse contains the response from method PermissionsClient.NewListForResourcePager. +type PermissionsClientListForResourceResponse struct { + // Permissions information. + PermissionGetResult +} + +// ProviderOperationsMetadataClientGetResponse contains the response from method ProviderOperationsMetadataClient.Get. +type ProviderOperationsMetadataClientGetResponse struct { + // Provider Operations metadata + ProviderOperationsMetadata +} + +// ProviderOperationsMetadataClientListResponse contains the response from method ProviderOperationsMetadataClient.NewListPager. +type ProviderOperationsMetadataClientListResponse struct { + // Provider operations metadata list + ProviderOperationsMetadataListResult +} + +// RoleAssignmentScheduleInstancesClientGetResponse contains the response from method RoleAssignmentScheduleInstancesClient.Get. +type RoleAssignmentScheduleInstancesClientGetResponse struct { + // Information about current or upcoming role assignment schedule instance + RoleAssignmentScheduleInstance +} + +// RoleAssignmentScheduleInstancesClientListForScopeResponse contains the response from method RoleAssignmentScheduleInstancesClient.NewListForScopePager. +type RoleAssignmentScheduleInstancesClientListForScopeResponse struct { + // Role assignment schedule instance list operation result. + RoleAssignmentScheduleInstanceListResult +} + +// RoleAssignmentScheduleRequestsClientCancelResponse contains the response from method RoleAssignmentScheduleRequestsClient.Cancel. +type RoleAssignmentScheduleRequestsClientCancelResponse struct { + // placeholder for future response values +} + +// RoleAssignmentScheduleRequestsClientCreateResponse contains the response from method RoleAssignmentScheduleRequestsClient.Create. +type RoleAssignmentScheduleRequestsClientCreateResponse struct { + // Role Assignment schedule request + RoleAssignmentScheduleRequest +} + +// RoleAssignmentScheduleRequestsClientGetResponse contains the response from method RoleAssignmentScheduleRequestsClient.Get. +type RoleAssignmentScheduleRequestsClientGetResponse struct { + // Role Assignment schedule request + RoleAssignmentScheduleRequest +} + +// RoleAssignmentScheduleRequestsClientListForScopeResponse contains the response from method RoleAssignmentScheduleRequestsClient.NewListForScopePager. +type RoleAssignmentScheduleRequestsClientListForScopeResponse struct { + // Role assignment schedule request list operation result. + RoleAssignmentScheduleRequestListResult +} + +// RoleAssignmentScheduleRequestsClientValidateResponse contains the response from method RoleAssignmentScheduleRequestsClient.Validate. +type RoleAssignmentScheduleRequestsClientValidateResponse struct { + // Role Assignment schedule request + RoleAssignmentScheduleRequest +} + +// RoleAssignmentSchedulesClientGetResponse contains the response from method RoleAssignmentSchedulesClient.Get. +type RoleAssignmentSchedulesClientGetResponse struct { + // Role Assignment schedule + RoleAssignmentSchedule +} + +// RoleAssignmentSchedulesClientListForScopeResponse contains the response from method RoleAssignmentSchedulesClient.NewListForScopePager. +type RoleAssignmentSchedulesClientListForScopeResponse struct { + // Role assignment schedule list operation result. + RoleAssignmentScheduleListResult +} + +// RoleAssignmentsClientCreateByIDResponse contains the response from method RoleAssignmentsClient.CreateByID. +type RoleAssignmentsClientCreateByIDResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientCreateResponse contains the response from method RoleAssignmentsClient.Create. +type RoleAssignmentsClientCreateResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientDeleteByIDResponse contains the response from method RoleAssignmentsClient.DeleteByID. +type RoleAssignmentsClientDeleteByIDResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientDeleteResponse contains the response from method RoleAssignmentsClient.Delete. +type RoleAssignmentsClientDeleteResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientGetByIDResponse contains the response from method RoleAssignmentsClient.GetByID. +type RoleAssignmentsClientGetByIDResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientGetResponse contains the response from method RoleAssignmentsClient.Get. +type RoleAssignmentsClientGetResponse struct { + // Role Assignments + RoleAssignment +} + +// RoleAssignmentsClientListForResourceGroupResponse contains the response from method RoleAssignmentsClient.NewListForResourceGroupPager. +type RoleAssignmentsClientListForResourceGroupResponse struct { + // Role assignment list operation result. + RoleAssignmentListResult +} + +// RoleAssignmentsClientListForResourceResponse contains the response from method RoleAssignmentsClient.NewListForResourcePager. +type RoleAssignmentsClientListForResourceResponse struct { + // Role assignment list operation result. + RoleAssignmentListResult +} + +// RoleAssignmentsClientListForScopeResponse contains the response from method RoleAssignmentsClient.NewListForScopePager. +type RoleAssignmentsClientListForScopeResponse struct { + // Role assignment list operation result. + RoleAssignmentListResult +} + +// RoleAssignmentsClientListForSubscriptionResponse contains the response from method RoleAssignmentsClient.NewListForSubscriptionPager. +type RoleAssignmentsClientListForSubscriptionResponse struct { + // Role assignment list operation result. + RoleAssignmentListResult +} + +// RoleDefinitionsClientCreateOrUpdateResponse contains the response from method RoleDefinitionsClient.CreateOrUpdate. +type RoleDefinitionsClientCreateOrUpdateResponse struct { + // Role definition. + RoleDefinition +} + +// RoleDefinitionsClientDeleteResponse contains the response from method RoleDefinitionsClient.Delete. +type RoleDefinitionsClientDeleteResponse struct { + // Role definition. + RoleDefinition +} + +// RoleDefinitionsClientGetByIDResponse contains the response from method RoleDefinitionsClient.GetByID. +type RoleDefinitionsClientGetByIDResponse struct { + // Role definition. + RoleDefinition +} + +// RoleDefinitionsClientGetResponse contains the response from method RoleDefinitionsClient.Get. +type RoleDefinitionsClientGetResponse struct { + // Role definition. + RoleDefinition +} + +// RoleDefinitionsClientListResponse contains the response from method RoleDefinitionsClient.NewListPager. +type RoleDefinitionsClientListResponse struct { + // Role definition list operation result. + RoleDefinitionListResult +} + +// RoleEligibilityScheduleInstancesClientGetResponse contains the response from method RoleEligibilityScheduleInstancesClient.Get. +type RoleEligibilityScheduleInstancesClientGetResponse struct { + // Information about current or upcoming role eligibility schedule instance + RoleEligibilityScheduleInstance +} + +// RoleEligibilityScheduleInstancesClientListForScopeResponse contains the response from method RoleEligibilityScheduleInstancesClient.NewListForScopePager. +type RoleEligibilityScheduleInstancesClientListForScopeResponse struct { + // Role eligibility schedule instance list operation result. + RoleEligibilityScheduleInstanceListResult +} + +// RoleEligibilityScheduleRequestsClientCancelResponse contains the response from method RoleEligibilityScheduleRequestsClient.Cancel. +type RoleEligibilityScheduleRequestsClientCancelResponse struct { + // placeholder for future response values +} + +// RoleEligibilityScheduleRequestsClientCreateResponse contains the response from method RoleEligibilityScheduleRequestsClient.Create. +type RoleEligibilityScheduleRequestsClientCreateResponse struct { + // Role Eligibility schedule request + RoleEligibilityScheduleRequest +} + +// RoleEligibilityScheduleRequestsClientGetResponse contains the response from method RoleEligibilityScheduleRequestsClient.Get. +type RoleEligibilityScheduleRequestsClientGetResponse struct { + // Role Eligibility schedule request + RoleEligibilityScheduleRequest +} + +// RoleEligibilityScheduleRequestsClientListForScopeResponse contains the response from method RoleEligibilityScheduleRequestsClient.NewListForScopePager. +type RoleEligibilityScheduleRequestsClientListForScopeResponse struct { + // Role eligibility schedule request list operation result. + RoleEligibilityScheduleRequestListResult +} + +// RoleEligibilityScheduleRequestsClientValidateResponse contains the response from method RoleEligibilityScheduleRequestsClient.Validate. +type RoleEligibilityScheduleRequestsClientValidateResponse struct { + // Role Eligibility schedule request + RoleEligibilityScheduleRequest +} + +// RoleEligibilitySchedulesClientGetResponse contains the response from method RoleEligibilitySchedulesClient.Get. +type RoleEligibilitySchedulesClientGetResponse struct { + // Role eligibility schedule + RoleEligibilitySchedule +} + +// RoleEligibilitySchedulesClientListForScopeResponse contains the response from method RoleEligibilitySchedulesClient.NewListForScopePager. +type RoleEligibilitySchedulesClientListForScopeResponse struct { + // role eligibility schedule list operation result. + RoleEligibilityScheduleListResult +} + +// RoleManagementPoliciesClientDeleteResponse contains the response from method RoleManagementPoliciesClient.Delete. +type RoleManagementPoliciesClientDeleteResponse struct { + // placeholder for future response values +} + +// RoleManagementPoliciesClientGetResponse contains the response from method RoleManagementPoliciesClient.Get. +type RoleManagementPoliciesClientGetResponse struct { + // Role management policy + RoleManagementPolicy +} + +// RoleManagementPoliciesClientListForScopeResponse contains the response from method RoleManagementPoliciesClient.NewListForScopePager. +type RoleManagementPoliciesClientListForScopeResponse struct { + // Role management policy list operation result. + RoleManagementPolicyListResult +} + +// RoleManagementPoliciesClientUpdateResponse contains the response from method RoleManagementPoliciesClient.Update. +type RoleManagementPoliciesClientUpdateResponse struct { + // Role management policy + RoleManagementPolicy +} + +// RoleManagementPolicyAssignmentsClientCreateResponse contains the response from method RoleManagementPolicyAssignmentsClient.Create. +type RoleManagementPolicyAssignmentsClientCreateResponse struct { + // Role management policy + RoleManagementPolicyAssignment +} + +// RoleManagementPolicyAssignmentsClientDeleteResponse contains the response from method RoleManagementPolicyAssignmentsClient.Delete. +type RoleManagementPolicyAssignmentsClientDeleteResponse struct { + // placeholder for future response values +} + +// RoleManagementPolicyAssignmentsClientGetResponse contains the response from method RoleManagementPolicyAssignmentsClient.Get. +type RoleManagementPolicyAssignmentsClientGetResponse struct { + // Role management policy + RoleManagementPolicyAssignment +} + +// RoleManagementPolicyAssignmentsClientListForScopeResponse contains the response from method RoleManagementPolicyAssignmentsClient.NewListForScopePager. +type RoleManagementPolicyAssignmentsClientListForScopeResponse struct { + // Role management policy assignment list operation result. + RoleManagementPolicyAssignmentListResult +} + +// ScopeAccessReviewDefaultSettingsClientGetResponse contains the response from method ScopeAccessReviewDefaultSettingsClient.Get. +type ScopeAccessReviewDefaultSettingsClientGetResponse struct { + // Access Review Default Settings. + AccessReviewDefaultSettings +} + +// ScopeAccessReviewDefaultSettingsClientPutResponse contains the response from method ScopeAccessReviewDefaultSettingsClient.Put. +type ScopeAccessReviewDefaultSettingsClientPutResponse struct { + // Access Review Default Settings. + AccessReviewDefaultSettings +} + +// ScopeAccessReviewHistoryDefinitionClientCreateResponse contains the response from method ScopeAccessReviewHistoryDefinitionClient.Create. +type ScopeAccessReviewHistoryDefinitionClientCreateResponse struct { + // Access Review History Definition. + AccessReviewHistoryDefinition +} + +// ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse contains the response from method ScopeAccessReviewHistoryDefinitionClient.DeleteByID. +type ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse contains the response from method ScopeAccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI. +type ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse struct { + // Access Review History Definition Instance. + AccessReviewHistoryInstance +} + +// ScopeAccessReviewHistoryDefinitionInstancesClientListResponse contains the response from method ScopeAccessReviewHistoryDefinitionInstancesClient.NewListPager. +type ScopeAccessReviewHistoryDefinitionInstancesClientListResponse struct { + // List of Access Review History Instances. + AccessReviewHistoryDefinitionInstanceListResult +} + +// ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse contains the response from method ScopeAccessReviewHistoryDefinitionsClient.GetByID. +type ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse struct { + // Access Review History Definition. + AccessReviewHistoryDefinition +} + +// ScopeAccessReviewHistoryDefinitionsClientListResponse contains the response from method ScopeAccessReviewHistoryDefinitionsClient.NewListPager. +type ScopeAccessReviewHistoryDefinitionsClientListResponse struct { + // List of Access Review History Definitions. + AccessReviewHistoryDefinitionListResult +} + +// ScopeAccessReviewInstanceClientApplyDecisionsResponse contains the response from method ScopeAccessReviewInstanceClient.ApplyDecisions. +type ScopeAccessReviewInstanceClientApplyDecisionsResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewInstanceClientRecordAllDecisionsResponse contains the response from method ScopeAccessReviewInstanceClient.RecordAllDecisions. +type ScopeAccessReviewInstanceClientRecordAllDecisionsResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewInstanceClientResetDecisionsResponse contains the response from method ScopeAccessReviewInstanceClient.ResetDecisions. +type ScopeAccessReviewInstanceClientResetDecisionsResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewInstanceClientSendRemindersResponse contains the response from method ScopeAccessReviewInstanceClient.SendReminders. +type ScopeAccessReviewInstanceClientSendRemindersResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewInstanceClientStopResponse contains the response from method ScopeAccessReviewInstanceClient.Stop. +type ScopeAccessReviewInstanceClientStopResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewInstanceContactedReviewersClientListResponse contains the response from method ScopeAccessReviewInstanceContactedReviewersClient.NewListPager. +type ScopeAccessReviewInstanceContactedReviewersClientListResponse struct { + // List of access review contacted reviewers. + AccessReviewContactedReviewerListResult +} + +// ScopeAccessReviewInstanceDecisionsClientListResponse contains the response from method ScopeAccessReviewInstanceDecisionsClient.NewListPager. +type ScopeAccessReviewInstanceDecisionsClientListResponse struct { + // List of access review decisions. + AccessReviewDecisionListResult +} + +// ScopeAccessReviewInstancesClientCreateResponse contains the response from method ScopeAccessReviewInstancesClient.Create. +type ScopeAccessReviewInstancesClientCreateResponse struct { + // Access Review Instance. + AccessReviewInstance +} + +// ScopeAccessReviewInstancesClientGetByIDResponse contains the response from method ScopeAccessReviewInstancesClient.GetByID. +type ScopeAccessReviewInstancesClientGetByIDResponse struct { + // Access Review Instance. + AccessReviewInstance +} + +// ScopeAccessReviewInstancesClientListResponse contains the response from method ScopeAccessReviewInstancesClient.NewListPager. +type ScopeAccessReviewInstancesClientListResponse struct { + // List of Access Review Instances. + AccessReviewInstanceListResult +} + +// ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse contains the response from method ScopeAccessReviewScheduleDefinitionsClient.CreateOrUpdateByID. +type ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse struct { + // Access Review Schedule Definition. + AccessReviewScheduleDefinition +} + +// ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse contains the response from method ScopeAccessReviewScheduleDefinitionsClient.DeleteByID. +type ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse struct { + // placeholder for future response values +} + +// ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse contains the response from method ScopeAccessReviewScheduleDefinitionsClient.GetByID. +type ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse struct { + // Access Review Schedule Definition. + AccessReviewScheduleDefinition +} + +// ScopeAccessReviewScheduleDefinitionsClientListResponse contains the response from method ScopeAccessReviewScheduleDefinitionsClient.NewListPager. +type ScopeAccessReviewScheduleDefinitionsClientListResponse struct { + // List of Access Review Schedule Definitions. + AccessReviewScheduleDefinitionListResult +} + +// ScopeAccessReviewScheduleDefinitionsClientStopResponse contains the response from method ScopeAccessReviewScheduleDefinitionsClient.Stop. +type ScopeAccessReviewScheduleDefinitionsClientStopResponse struct { + // placeholder for future response values +} + +// TenantLevelAccessReviewInstanceContactedReviewersClientListResponse contains the response from method TenantLevelAccessReviewInstanceContactedReviewersClient.NewListPager. +type TenantLevelAccessReviewInstanceContactedReviewersClientListResponse struct { + // List of access review contacted reviewers. + AccessReviewContactedReviewerListResult +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignments_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignments_client.go new file mode 100644 index 00000000000..808b83f0afa --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignments_client.go @@ -0,0 +1,671 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleAssignmentsClient contains the methods for the RoleAssignments group. +// Don't use this type directly, use NewRoleAssignmentsClient() instead. +type RoleAssignmentsClient struct { + internal *arm.Client + subscriptionID string +} + +// NewRoleAssignmentsClient creates a new instance of RoleAssignmentsClient with the specified values. +// - subscriptionID - The ID of the target subscription. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleAssignmentsClient(subscriptionID string, credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleAssignmentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleAssignmentsClient{ + subscriptionID: subscriptionID, + internal: cl, + } + return client, nil +} + +// Create - Create or update a role assignment by scope and name. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleAssignmentName - The name of the role assignment. It can be any valid GUID. +// - parameters - Parameters for the role assignment. +// - options - RoleAssignmentsClientCreateOptions contains the optional parameters for the RoleAssignmentsClient.Create method. +func (client *RoleAssignmentsClient) Create(ctx context.Context, scope string, roleAssignmentName string, parameters RoleAssignmentCreateParameters, options *RoleAssignmentsClientCreateOptions) (RoleAssignmentsClientCreateResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, roleAssignmentName, parameters, options) + if err != nil { + return RoleAssignmentsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *RoleAssignmentsClient) createCreateRequest(ctx context.Context, scope string, roleAssignmentName string, parameters RoleAssignmentCreateParameters, options *RoleAssignmentsClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentName}", roleAssignmentName) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *RoleAssignmentsClient) createHandleResponse(resp *http.Response) (RoleAssignmentsClientCreateResponse, error) { + result := RoleAssignmentsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientCreateResponse{}, err + } + return result, nil +} + +// CreateByID - Create or update a role assignment by ID. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - roleAssignmentID - The fully qualified ID of the role assignment including scope, resource name, and resource type. Format: +// /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. Example: +// /subscriptions//resourcegroups//providers/Microsoft.Authorization/roleAssignments/ +// - parameters - Parameters for the role assignment. +// - options - RoleAssignmentsClientCreateByIDOptions contains the optional parameters for the RoleAssignmentsClient.CreateByID +// method. +func (client *RoleAssignmentsClient) CreateByID(ctx context.Context, roleAssignmentID string, parameters RoleAssignmentCreateParameters, options *RoleAssignmentsClientCreateByIDOptions) (RoleAssignmentsClientCreateByIDResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.CreateByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createByIDCreateRequest(ctx, roleAssignmentID, parameters, options) + if err != nil { + return RoleAssignmentsClientCreateByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientCreateByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientCreateByIDResponse{}, err + } + resp, err := client.createByIDHandleResponse(httpResp) + return resp, err +} + +// createByIDCreateRequest creates the CreateByID request. +func (client *RoleAssignmentsClient) createByIDCreateRequest(ctx context.Context, roleAssignmentID string, parameters RoleAssignmentCreateParameters, options *RoleAssignmentsClientCreateByIDOptions) (*policy.Request, error) { + urlPath := "/{roleAssignmentId}" + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentId}", roleAssignmentID) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// createByIDHandleResponse handles the CreateByID response. +func (client *RoleAssignmentsClient) createByIDHandleResponse(resp *http.Response) (RoleAssignmentsClientCreateByIDResponse, error) { + result := RoleAssignmentsClientCreateByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientCreateByIDResponse{}, err + } + return result, nil +} + +// Delete - Delete a role assignment by scope and name. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleAssignmentName - The name of the role assignment. It can be any valid GUID. +// - options - RoleAssignmentsClientDeleteOptions contains the optional parameters for the RoleAssignmentsClient.Delete method. +func (client *RoleAssignmentsClient) Delete(ctx context.Context, scope string, roleAssignmentName string, options *RoleAssignmentsClientDeleteOptions) (RoleAssignmentsClientDeleteResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, scope, roleAssignmentName, options) + if err != nil { + return RoleAssignmentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientDeleteResponse{}, err + } + resp, err := client.deleteHandleResponse(httpResp) + return resp, err +} + +// deleteCreateRequest creates the Delete request. +func (client *RoleAssignmentsClient) deleteCreateRequest(ctx context.Context, scope string, roleAssignmentName string, options *RoleAssignmentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentName}", roleAssignmentName) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// deleteHandleResponse handles the Delete response. +func (client *RoleAssignmentsClient) deleteHandleResponse(resp *http.Response) (RoleAssignmentsClientDeleteResponse, error) { + result := RoleAssignmentsClientDeleteResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientDeleteResponse{}, err + } + return result, nil +} + +// DeleteByID - Delete a role assignment by ID. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - roleAssignmentID - The fully qualified ID of the role assignment including scope, resource name, and resource type. Format: +// /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. Example: +// /subscriptions//resourcegroups//providers/Microsoft.Authorization/roleAssignments/ +// - options - RoleAssignmentsClientDeleteByIDOptions contains the optional parameters for the RoleAssignmentsClient.DeleteByID +// method. +func (client *RoleAssignmentsClient) DeleteByID(ctx context.Context, roleAssignmentID string, options *RoleAssignmentsClientDeleteByIDOptions) (RoleAssignmentsClientDeleteByIDResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.DeleteByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteByIDCreateRequest(ctx, roleAssignmentID, options) + if err != nil { + return RoleAssignmentsClientDeleteByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientDeleteByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientDeleteByIDResponse{}, err + } + resp, err := client.deleteByIDHandleResponse(httpResp) + return resp, err +} + +// deleteByIDCreateRequest creates the DeleteByID request. +func (client *RoleAssignmentsClient) deleteByIDCreateRequest(ctx context.Context, roleAssignmentID string, options *RoleAssignmentsClientDeleteByIDOptions) (*policy.Request, error) { + urlPath := "/{roleAssignmentId}" + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentId}", roleAssignmentID) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// deleteByIDHandleResponse handles the DeleteByID response. +func (client *RoleAssignmentsClient) deleteByIDHandleResponse(resp *http.Response) (RoleAssignmentsClientDeleteByIDResponse, error) { + result := RoleAssignmentsClientDeleteByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientDeleteByIDResponse{}, err + } + return result, nil +} + +// Get - Get a role assignment by scope and name. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleAssignmentName - The name of the role assignment. It can be any valid GUID. +// - options - RoleAssignmentsClientGetOptions contains the optional parameters for the RoleAssignmentsClient.Get method. +func (client *RoleAssignmentsClient) Get(ctx context.Context, scope string, roleAssignmentName string, options *RoleAssignmentsClientGetOptions) (RoleAssignmentsClientGetResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleAssignmentName, options) + if err != nil { + return RoleAssignmentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleAssignmentsClient) getCreateRequest(ctx context.Context, scope string, roleAssignmentName string, options *RoleAssignmentsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentName}", roleAssignmentName) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleAssignmentsClient) getHandleResponse(resp *http.Response) (RoleAssignmentsClientGetResponse, error) { + result := RoleAssignmentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientGetResponse{}, err + } + return result, nil +} + +// GetByID - Get a role assignment by ID. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01 +// - roleAssignmentID - The fully qualified ID of the role assignment including scope, resource name, and resource type. Format: +// /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. Example: +// /subscriptions//resourcegroups//providers/Microsoft.Authorization/roleAssignments/ +// - options - RoleAssignmentsClientGetByIDOptions contains the optional parameters for the RoleAssignmentsClient.GetByID method. +func (client *RoleAssignmentsClient) GetByID(ctx context.Context, roleAssignmentID string, options *RoleAssignmentsClientGetByIDOptions) (RoleAssignmentsClientGetByIDResponse, error) { + var err error + const operationName = "RoleAssignmentsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, roleAssignmentID, options) + if err != nil { + return RoleAssignmentsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *RoleAssignmentsClient) getByIDCreateRequest(ctx context.Context, roleAssignmentID string, options *RoleAssignmentsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{roleAssignmentId}" + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentId}", roleAssignmentID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *RoleAssignmentsClient) getByIDHandleResponse(resp *http.Response) (RoleAssignmentsClientGetByIDResponse, error) { + result := RoleAssignmentsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignment); err != nil { + return RoleAssignmentsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListForResourcePager - List all role assignments that apply to a resource. +// +// Generated from API version 2022-04-01 +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - resourceProviderNamespace - The namespace of the resource provider. +// - resourceType - The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites). +// - resourceName - The resource name. +// - options - RoleAssignmentsClientListForResourceOptions contains the optional parameters for the RoleAssignmentsClient.NewListForResourcePager +// method. +func (client *RoleAssignmentsClient) NewListForResourcePager(resourceGroupName string, resourceProviderNamespace string, resourceType string, resourceName string, options *RoleAssignmentsClientListForResourceOptions) *runtime.Pager[RoleAssignmentsClientListForResourceResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentsClientListForResourceResponse]{ + More: func(page RoleAssignmentsClientListForResourceResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentsClientListForResourceResponse) (RoleAssignmentsClientListForResourceResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentsClient.NewListForResourcePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceCreateRequest(ctx, resourceGroupName, resourceProviderNamespace, resourceType, resourceName, options) + }, nil) + if err != nil { + return RoleAssignmentsClientListForResourceResponse{}, err + } + return client.listForResourceHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceCreateRequest creates the ListForResource request. +func (client *RoleAssignmentsClient) listForResourceCreateRequest(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, resourceType string, resourceName string, options *RoleAssignmentsClientListForResourceOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + urlPath = strings.ReplaceAll(urlPath, "{resourceProviderNamespace}", resourceProviderNamespace) + urlPath = strings.ReplaceAll(urlPath, "{resourceType}", resourceType) + urlPath = strings.ReplaceAll(urlPath, "{resourceName}", resourceName) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceHandleResponse handles the ListForResource response. +func (client *RoleAssignmentsClient) listForResourceHandleResponse(resp *http.Response) (RoleAssignmentsClientListForResourceResponse, error) { + result := RoleAssignmentsClientListForResourceResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentListResult); err != nil { + return RoleAssignmentsClientListForResourceResponse{}, err + } + return result, nil +} + +// NewListForResourceGroupPager - List all role assignments that apply to a resource group. +// +// Generated from API version 2022-04-01 +// - resourceGroupName - The name of the resource group. The name is case insensitive. +// - options - RoleAssignmentsClientListForResourceGroupOptions contains the optional parameters for the RoleAssignmentsClient.NewListForResourceGroupPager +// method. +func (client *RoleAssignmentsClient) NewListForResourceGroupPager(resourceGroupName string, options *RoleAssignmentsClientListForResourceGroupOptions) *runtime.Pager[RoleAssignmentsClientListForResourceGroupResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentsClientListForResourceGroupResponse]{ + More: func(page RoleAssignmentsClientListForResourceGroupResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentsClientListForResourceGroupResponse) (RoleAssignmentsClientListForResourceGroupResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentsClient.NewListForResourceGroupPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForResourceGroupCreateRequest(ctx, resourceGroupName, options) + }, nil) + if err != nil { + return RoleAssignmentsClientListForResourceGroupResponse{}, err + } + return client.listForResourceGroupHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForResourceGroupCreateRequest creates the ListForResourceGroup request. +func (client *RoleAssignmentsClient) listForResourceGroupCreateRequest(ctx context.Context, resourceGroupName string, options *RoleAssignmentsClientListForResourceGroupOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + if resourceGroupName == "" { + return nil, errors.New("parameter resourceGroupName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{resourceGroupName}", url.PathEscape(resourceGroupName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForResourceGroupHandleResponse handles the ListForResourceGroup response. +func (client *RoleAssignmentsClient) listForResourceGroupHandleResponse(resp *http.Response) (RoleAssignmentsClientListForResourceGroupResponse, error) { + result := RoleAssignmentsClientListForResourceGroupResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentListResult); err != nil { + return RoleAssignmentsClientListForResourceGroupResponse{}, err + } + return result, nil +} + +// NewListForScopePager - List all role assignments that apply to a scope. +// +// Generated from API version 2022-04-01 +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - options - RoleAssignmentsClientListForScopeOptions contains the optional parameters for the RoleAssignmentsClient.NewListForScopePager +// method. +func (client *RoleAssignmentsClient) NewListForScopePager(scope string, options *RoleAssignmentsClientListForScopeOptions) *runtime.Pager[RoleAssignmentsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentsClientListForScopeResponse]{ + More: func(page RoleAssignmentsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentsClientListForScopeResponse) (RoleAssignmentsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleAssignmentsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleAssignmentsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleAssignmentsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignments" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + if options != nil && options.SkipToken != nil { + unencodedParams = append(unencodedParams, "$skipToken="+*options.SkipToken) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleAssignmentsClient) listForScopeHandleResponse(resp *http.Response) (RoleAssignmentsClientListForScopeResponse, error) { + result := RoleAssignmentsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentListResult); err != nil { + return RoleAssignmentsClientListForScopeResponse{}, err + } + return result, nil +} + +// NewListForSubscriptionPager - List all role assignments that apply to a subscription. +// +// Generated from API version 2022-04-01 +// - options - RoleAssignmentsClientListForSubscriptionOptions contains the optional parameters for the RoleAssignmentsClient.NewListForSubscriptionPager +// method. +func (client *RoleAssignmentsClient) NewListForSubscriptionPager(options *RoleAssignmentsClientListForSubscriptionOptions) *runtime.Pager[RoleAssignmentsClientListForSubscriptionResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentsClientListForSubscriptionResponse]{ + More: func(page RoleAssignmentsClientListForSubscriptionResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentsClientListForSubscriptionResponse) (RoleAssignmentsClientListForSubscriptionResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentsClient.NewListForSubscriptionPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForSubscriptionCreateRequest(ctx, options) + }, nil) + if err != nil { + return RoleAssignmentsClientListForSubscriptionResponse{}, err + } + return client.listForSubscriptionHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForSubscriptionCreateRequest creates the ListForSubscription request. +func (client *RoleAssignmentsClient) listForSubscriptionCreateRequest(ctx context.Context, options *RoleAssignmentsClientListForSubscriptionOptions) (*policy.Request, error) { + urlPath := "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments" + if client.subscriptionID == "" { + return nil, errors.New("parameter client.subscriptionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{subscriptionId}", url.PathEscape(client.subscriptionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01") + if options != nil && options.TenantID != nil { + reqQP.Set("tenantId", *options.TenantID) + } + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForSubscriptionHandleResponse handles the ListForSubscription response. +func (client *RoleAssignmentsClient) listForSubscriptionHandleResponse(resp *http.Response) (RoleAssignmentsClientListForSubscriptionResponse, error) { + result := RoleAssignmentsClientListForSubscriptionResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentListResult); err != nil { + return RoleAssignmentsClientListForSubscriptionResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentscheduleinstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentscheduleinstances_client.go new file mode 100644 index 00000000000..f85bba1e81e --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentscheduleinstances_client.go @@ -0,0 +1,155 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleAssignmentScheduleInstancesClient contains the methods for the RoleAssignmentScheduleInstances group. +// Don't use this type directly, use NewRoleAssignmentScheduleInstancesClient() instead. +type RoleAssignmentScheduleInstancesClient struct { + internal *arm.Client +} + +// NewRoleAssignmentScheduleInstancesClient creates a new instance of RoleAssignmentScheduleInstancesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleAssignmentScheduleInstancesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleAssignmentScheduleInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleAssignmentScheduleInstancesClient{ + internal: cl, + } + return client, nil +} + +// Get - Gets the specified role assignment schedule instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role assignments schedules. +// - roleAssignmentScheduleInstanceName - The name (hash of schedule name + time) of the role assignment schedule to get. +// - options - RoleAssignmentScheduleInstancesClientGetOptions contains the optional parameters for the RoleAssignmentScheduleInstancesClient.Get +// method. +func (client *RoleAssignmentScheduleInstancesClient) Get(ctx context.Context, scope string, roleAssignmentScheduleInstanceName string, options *RoleAssignmentScheduleInstancesClientGetOptions) (RoleAssignmentScheduleInstancesClientGetResponse, error) { + var err error + const operationName = "RoleAssignmentScheduleInstancesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleAssignmentScheduleInstanceName, options) + if err != nil { + return RoleAssignmentScheduleInstancesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentScheduleInstancesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentScheduleInstancesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleAssignmentScheduleInstancesClient) getCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleInstanceName string, options *RoleAssignmentScheduleInstancesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances/{roleAssignmentScheduleInstanceName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleInstanceName == "" { + return nil, errors.New("parameter roleAssignmentScheduleInstanceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleInstanceName}", url.PathEscape(roleAssignmentScheduleInstanceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleAssignmentScheduleInstancesClient) getHandleResponse(resp *http.Response) (RoleAssignmentScheduleInstancesClientGetResponse, error) { + result := RoleAssignmentScheduleInstancesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleInstance); err != nil { + return RoleAssignmentScheduleInstancesClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role assignment schedule instances of a role assignment schedule. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role assignment schedule. +// - options - RoleAssignmentScheduleInstancesClientListForScopeOptions contains the optional parameters for the RoleAssignmentScheduleInstancesClient.NewListForScopePager +// method. +func (client *RoleAssignmentScheduleInstancesClient) NewListForScopePager(scope string, options *RoleAssignmentScheduleInstancesClientListForScopeOptions) *runtime.Pager[RoleAssignmentScheduleInstancesClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentScheduleInstancesClientListForScopeResponse]{ + More: func(page RoleAssignmentScheduleInstancesClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentScheduleInstancesClientListForScopeResponse) (RoleAssignmentScheduleInstancesClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentScheduleInstancesClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleAssignmentScheduleInstancesClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleAssignmentScheduleInstancesClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleAssignmentScheduleInstancesClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleAssignmentScheduleInstancesClient) listForScopeHandleResponse(resp *http.Response) (RoleAssignmentScheduleInstancesClientListForScopeResponse, error) { + result := RoleAssignmentScheduleInstancesClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleInstanceListResult); err != nil { + return RoleAssignmentScheduleInstancesClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedulerequests_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedulerequests_client.go new file mode 100644 index 00000000000..fd99a61adc5 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedulerequests_client.go @@ -0,0 +1,333 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleAssignmentScheduleRequestsClient contains the methods for the RoleAssignmentScheduleRequests group. +// Don't use this type directly, use NewRoleAssignmentScheduleRequestsClient() instead. +type RoleAssignmentScheduleRequestsClient struct { + internal *arm.Client +} + +// NewRoleAssignmentScheduleRequestsClient creates a new instance of RoleAssignmentScheduleRequestsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleAssignmentScheduleRequestsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleAssignmentScheduleRequestsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleAssignmentScheduleRequestsClient{ + internal: cl, + } + return client, nil +} + +// Cancel - Cancels a pending role assignment schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role assignment request to cancel. +// - roleAssignmentScheduleRequestName - The name of the role assignment request to cancel. +// - options - RoleAssignmentScheduleRequestsClientCancelOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Cancel +// method. +func (client *RoleAssignmentScheduleRequestsClient) Cancel(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, options *RoleAssignmentScheduleRequestsClientCancelOptions) (RoleAssignmentScheduleRequestsClientCancelResponse, error) { + var err error + const operationName = "RoleAssignmentScheduleRequestsClient.Cancel" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.cancelCreateRequest(ctx, scope, roleAssignmentScheduleRequestName, options) + if err != nil { + return RoleAssignmentScheduleRequestsClientCancelResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentScheduleRequestsClientCancelResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentScheduleRequestsClientCancelResponse{}, err + } + return RoleAssignmentScheduleRequestsClientCancelResponse{}, nil +} + +// cancelCreateRequest creates the Cancel request. +func (client *RoleAssignmentScheduleRequestsClient) cancelCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, options *RoleAssignmentScheduleRequestsClientCancelOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/cancel" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleRequestName == "" { + return nil, errors.New("parameter roleAssignmentScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleRequestName}", url.PathEscape(roleAssignmentScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Create - Creates a role assignment schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, +// use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a +// subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' +// for a resource group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - roleAssignmentScheduleRequestName - A GUID for the role assignment to create. The name must be unique and different for +// each role assignment. +// - parameters - Parameters for the role assignment schedule request. +// - options - RoleAssignmentScheduleRequestsClientCreateOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Create +// method. +func (client *RoleAssignmentScheduleRequestsClient) Create(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, parameters RoleAssignmentScheduleRequest, options *RoleAssignmentScheduleRequestsClientCreateOptions) (RoleAssignmentScheduleRequestsClientCreateResponse, error) { + var err error + const operationName = "RoleAssignmentScheduleRequestsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, roleAssignmentScheduleRequestName, parameters, options) + if err != nil { + return RoleAssignmentScheduleRequestsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentScheduleRequestsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentScheduleRequestsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *RoleAssignmentScheduleRequestsClient) createCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, parameters RoleAssignmentScheduleRequest, options *RoleAssignmentScheduleRequestsClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleRequestName == "" { + return nil, errors.New("parameter roleAssignmentScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleRequestName}", url.PathEscape(roleAssignmentScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *RoleAssignmentScheduleRequestsClient) createHandleResponse(resp *http.Response) (RoleAssignmentScheduleRequestsClientCreateResponse, error) { + result := RoleAssignmentScheduleRequestsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleRequest); err != nil { + return RoleAssignmentScheduleRequestsClientCreateResponse{}, err + } + return result, nil +} + +// Get - Get the specified role assignment schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role assignment schedule request. +// - roleAssignmentScheduleRequestName - The name (guid) of the role assignment schedule request to get. +// - options - RoleAssignmentScheduleRequestsClientGetOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Get +// method. +func (client *RoleAssignmentScheduleRequestsClient) Get(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, options *RoleAssignmentScheduleRequestsClientGetOptions) (RoleAssignmentScheduleRequestsClientGetResponse, error) { + var err error + const operationName = "RoleAssignmentScheduleRequestsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleAssignmentScheduleRequestName, options) + if err != nil { + return RoleAssignmentScheduleRequestsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentScheduleRequestsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentScheduleRequestsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleAssignmentScheduleRequestsClient) getCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, options *RoleAssignmentScheduleRequestsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleRequestName == "" { + return nil, errors.New("parameter roleAssignmentScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleRequestName}", url.PathEscape(roleAssignmentScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleAssignmentScheduleRequestsClient) getHandleResponse(resp *http.Response) (RoleAssignmentScheduleRequestsClientGetResponse, error) { + result := RoleAssignmentScheduleRequestsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleRequest); err != nil { + return RoleAssignmentScheduleRequestsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role assignment schedule requests for a scope. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role assignments schedule requests. +// - options - RoleAssignmentScheduleRequestsClientListForScopeOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.NewListForScopePager +// method. +func (client *RoleAssignmentScheduleRequestsClient) NewListForScopePager(scope string, options *RoleAssignmentScheduleRequestsClientListForScopeOptions) *runtime.Pager[RoleAssignmentScheduleRequestsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentScheduleRequestsClientListForScopeResponse]{ + More: func(page RoleAssignmentScheduleRequestsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentScheduleRequestsClientListForScopeResponse) (RoleAssignmentScheduleRequestsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentScheduleRequestsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleAssignmentScheduleRequestsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleAssignmentScheduleRequestsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleAssignmentScheduleRequestsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleAssignmentScheduleRequestsClient) listForScopeHandleResponse(resp *http.Response) (RoleAssignmentScheduleRequestsClientListForScopeResponse, error) { + result := RoleAssignmentScheduleRequestsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleRequestListResult); err != nil { + return RoleAssignmentScheduleRequestsClientListForScopeResponse{}, err + } + return result, nil +} + +// Validate - Validates a new role assignment schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role assignment request to validate. +// - roleAssignmentScheduleRequestName - The name of the role assignment request to validate. +// - parameters - Parameters for the role assignment schedule request. +// - options - RoleAssignmentScheduleRequestsClientValidateOptions contains the optional parameters for the RoleAssignmentScheduleRequestsClient.Validate +// method. +func (client *RoleAssignmentScheduleRequestsClient) Validate(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, parameters RoleAssignmentScheduleRequest, options *RoleAssignmentScheduleRequestsClientValidateOptions) (RoleAssignmentScheduleRequestsClientValidateResponse, error) { + var err error + const operationName = "RoleAssignmentScheduleRequestsClient.Validate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.validateCreateRequest(ctx, scope, roleAssignmentScheduleRequestName, parameters, options) + if err != nil { + return RoleAssignmentScheduleRequestsClientValidateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentScheduleRequestsClientValidateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentScheduleRequestsClientValidateResponse{}, err + } + resp, err := client.validateHandleResponse(httpResp) + return resp, err +} + +// validateCreateRequest creates the Validate request. +func (client *RoleAssignmentScheduleRequestsClient) validateCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleRequestName string, parameters RoleAssignmentScheduleRequest, options *RoleAssignmentScheduleRequestsClientValidateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleRequestName == "" { + return nil, errors.New("parameter roleAssignmentScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleRequestName}", url.PathEscape(roleAssignmentScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// validateHandleResponse handles the Validate response. +func (client *RoleAssignmentScheduleRequestsClient) validateHandleResponse(resp *http.Response) (RoleAssignmentScheduleRequestsClientValidateResponse, error) { + result := RoleAssignmentScheduleRequestsClientValidateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleRequest); err != nil { + return RoleAssignmentScheduleRequestsClientValidateResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedules_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedules_client.go new file mode 100644 index 00000000000..e40cf464808 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleassignmentschedules_client.go @@ -0,0 +1,155 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleAssignmentSchedulesClient contains the methods for the RoleAssignmentSchedules group. +// Don't use this type directly, use NewRoleAssignmentSchedulesClient() instead. +type RoleAssignmentSchedulesClient struct { + internal *arm.Client +} + +// NewRoleAssignmentSchedulesClient creates a new instance of RoleAssignmentSchedulesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleAssignmentSchedulesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleAssignmentSchedulesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleAssignmentSchedulesClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified role assignment schedule for a resource scope +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role assignment schedule. +// - roleAssignmentScheduleName - The name (guid) of the role assignment schedule to get. +// - options - RoleAssignmentSchedulesClientGetOptions contains the optional parameters for the RoleAssignmentSchedulesClient.Get +// method. +func (client *RoleAssignmentSchedulesClient) Get(ctx context.Context, scope string, roleAssignmentScheduleName string, options *RoleAssignmentSchedulesClientGetOptions) (RoleAssignmentSchedulesClientGetResponse, error) { + var err error + const operationName = "RoleAssignmentSchedulesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleAssignmentScheduleName, options) + if err != nil { + return RoleAssignmentSchedulesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleAssignmentSchedulesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleAssignmentSchedulesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleAssignmentSchedulesClient) getCreateRequest(ctx context.Context, scope string, roleAssignmentScheduleName string, options *RoleAssignmentSchedulesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules/{roleAssignmentScheduleName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleAssignmentScheduleName == "" { + return nil, errors.New("parameter roleAssignmentScheduleName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleAssignmentScheduleName}", url.PathEscape(roleAssignmentScheduleName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleAssignmentSchedulesClient) getHandleResponse(resp *http.Response) (RoleAssignmentSchedulesClientGetResponse, error) { + result := RoleAssignmentSchedulesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentSchedule); err != nil { + return RoleAssignmentSchedulesClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role assignment schedules for a resource scope. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role assignments schedules. +// - options - RoleAssignmentSchedulesClientListForScopeOptions contains the optional parameters for the RoleAssignmentSchedulesClient.NewListForScopePager +// method. +func (client *RoleAssignmentSchedulesClient) NewListForScopePager(scope string, options *RoleAssignmentSchedulesClientListForScopeOptions) *runtime.Pager[RoleAssignmentSchedulesClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleAssignmentSchedulesClientListForScopeResponse]{ + More: func(page RoleAssignmentSchedulesClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleAssignmentSchedulesClientListForScopeResponse) (RoleAssignmentSchedulesClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleAssignmentSchedulesClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleAssignmentSchedulesClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleAssignmentSchedulesClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleAssignmentSchedulesClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleAssignmentSchedulesClient) listForScopeHandleResponse(resp *http.Response) (RoleAssignmentSchedulesClientListForScopeResponse, error) { + result := RoleAssignmentSchedulesClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleAssignmentScheduleListResult); err != nil { + return RoleAssignmentSchedulesClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roledefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roledefinitions_client.go new file mode 100644 index 00000000000..189c09c3973 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roledefinitions_client.go @@ -0,0 +1,339 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleDefinitionsClient contains the methods for the RoleDefinitions group. +// Don't use this type directly, use NewRoleDefinitionsClient() instead. +type RoleDefinitionsClient struct { + internal *arm.Client +} + +// NewRoleDefinitionsClient creates a new instance of RoleDefinitionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleDefinitionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleDefinitionsClient{ + internal: cl, + } + return client, nil +} + +// CreateOrUpdate - Creates or updates a role definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-05-01-preview +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleDefinitionID - The ID of the role definition. +// - roleDefinition - The values for the role definition. +// - options - RoleDefinitionsClientCreateOrUpdateOptions contains the optional parameters for the RoleDefinitionsClient.CreateOrUpdate +// method. +func (client *RoleDefinitionsClient) CreateOrUpdate(ctx context.Context, scope string, roleDefinitionID string, roleDefinition RoleDefinition, options *RoleDefinitionsClientCreateOrUpdateOptions) (RoleDefinitionsClientCreateOrUpdateResponse, error) { + var err error + const operationName = "RoleDefinitionsClient.CreateOrUpdate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateCreateRequest(ctx, scope, roleDefinitionID, roleDefinition, options) + if err != nil { + return RoleDefinitionsClientCreateOrUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleDefinitionsClientCreateOrUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleDefinitionsClientCreateOrUpdateResponse{}, err + } + resp, err := client.createOrUpdateHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateCreateRequest creates the CreateOrUpdate request. +func (client *RoleDefinitionsClient) createOrUpdateCreateRequest(ctx context.Context, scope string, roleDefinitionID string, roleDefinition RoleDefinition, options *RoleDefinitionsClientCreateOrUpdateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleDefinitionID == "" { + return nil, errors.New("parameter roleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleDefinitionId}", url.PathEscape(roleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, roleDefinition); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateHandleResponse handles the CreateOrUpdate response. +func (client *RoleDefinitionsClient) createOrUpdateHandleResponse(resp *http.Response) (RoleDefinitionsClientCreateOrUpdateResponse, error) { + result := RoleDefinitionsClientCreateOrUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleDefinition); err != nil { + return RoleDefinitionsClientCreateOrUpdateResponse{}, err + } + return result, nil +} + +// Delete - Deletes a role definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-05-01-preview +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleDefinitionID - The ID of the role definition to delete. +// - options - RoleDefinitionsClientDeleteOptions contains the optional parameters for the RoleDefinitionsClient.Delete method. +func (client *RoleDefinitionsClient) Delete(ctx context.Context, scope string, roleDefinitionID string, options *RoleDefinitionsClientDeleteOptions) (RoleDefinitionsClientDeleteResponse, error) { + var err error + const operationName = "RoleDefinitionsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, scope, roleDefinitionID, options) + if err != nil { + return RoleDefinitionsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleDefinitionsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return RoleDefinitionsClientDeleteResponse{}, err + } + resp, err := client.deleteHandleResponse(httpResp) + return resp, err +} + +// deleteCreateRequest creates the Delete request. +func (client *RoleDefinitionsClient) deleteCreateRequest(ctx context.Context, scope string, roleDefinitionID string, options *RoleDefinitionsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleDefinitionID == "" { + return nil, errors.New("parameter roleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleDefinitionId}", url.PathEscape(roleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// deleteHandleResponse handles the Delete response. +func (client *RoleDefinitionsClient) deleteHandleResponse(resp *http.Response) (RoleDefinitionsClientDeleteResponse, error) { + result := RoleDefinitionsClientDeleteResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleDefinition); err != nil { + return RoleDefinitionsClientDeleteResponse{}, err + } + return result, nil +} + +// Get - Get role definition by ID (GUID). +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-05-01-preview +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - roleDefinitionID - The ID of the role definition. +// - options - RoleDefinitionsClientGetOptions contains the optional parameters for the RoleDefinitionsClient.Get method. +func (client *RoleDefinitionsClient) Get(ctx context.Context, scope string, roleDefinitionID string, options *RoleDefinitionsClientGetOptions) (RoleDefinitionsClientGetResponse, error) { + var err error + const operationName = "RoleDefinitionsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleDefinitionID, options) + if err != nil { + return RoleDefinitionsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleDefinitionsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleDefinitionsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleDefinitionsClient) getCreateRequest(ctx context.Context, scope string, roleDefinitionID string, options *RoleDefinitionsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleDefinitionID == "" { + return nil, errors.New("parameter roleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleDefinitionId}", url.PathEscape(roleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleDefinitionsClient) getHandleResponse(resp *http.Response) (RoleDefinitionsClientGetResponse, error) { + result := RoleDefinitionsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleDefinition); err != nil { + return RoleDefinitionsClientGetResponse{}, err + } + return result, nil +} + +// GetByID - Gets a role definition by ID. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-05-01-preview +// - roleID - The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} +// for subscription level role definitions, or +// /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions. +// - options - RoleDefinitionsClientGetByIDOptions contains the optional parameters for the RoleDefinitionsClient.GetByID method. +func (client *RoleDefinitionsClient) GetByID(ctx context.Context, roleID string, options *RoleDefinitionsClientGetByIDOptions) (RoleDefinitionsClientGetByIDResponse, error) { + var err error + const operationName = "RoleDefinitionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, roleID, options) + if err != nil { + return RoleDefinitionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleDefinitionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleDefinitionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *RoleDefinitionsClient) getByIDCreateRequest(ctx context.Context, roleID string, options *RoleDefinitionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{roleId}" + urlPath = strings.ReplaceAll(urlPath, "{roleId}", roleID) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *RoleDefinitionsClient) getByIDHandleResponse(resp *http.Response) (RoleDefinitionsClientGetByIDResponse, error) { + result := RoleDefinitionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleDefinition); err != nil { + return RoleDefinitionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get all role definitions that are applicable at scope and above. +// +// Generated from API version 2022-05-01-preview +// - scope - The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), +// resource group (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: +// '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' +// - options - RoleDefinitionsClientListOptions contains the optional parameters for the RoleDefinitionsClient.NewListPager +// method. +func (client *RoleDefinitionsClient) NewListPager(scope string, options *RoleDefinitionsClientListOptions) *runtime.Pager[RoleDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleDefinitionsClientListResponse]{ + More: func(page RoleDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleDefinitionsClientListResponse) (RoleDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *RoleDefinitionsClient) listCreateRequest(ctx context.Context, scope string, options *RoleDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleDefinitions" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2022-05-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *RoleDefinitionsClient) listHandleResponse(resp *http.Response) (RoleDefinitionsClientListResponse, error) { + result := RoleDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleDefinitionListResult); err != nil { + return RoleDefinitionsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityscheduleinstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityscheduleinstances_client.go new file mode 100644 index 00000000000..f1685e3bf5e --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityscheduleinstances_client.go @@ -0,0 +1,155 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleEligibilityScheduleInstancesClient contains the methods for the RoleEligibilityScheduleInstances group. +// Don't use this type directly, use NewRoleEligibilityScheduleInstancesClient() instead. +type RoleEligibilityScheduleInstancesClient struct { + internal *arm.Client +} + +// NewRoleEligibilityScheduleInstancesClient creates a new instance of RoleEligibilityScheduleInstancesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleEligibilityScheduleInstancesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleEligibilityScheduleInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleEligibilityScheduleInstancesClient{ + internal: cl, + } + return client, nil +} + +// Get - Gets the specified role eligibility schedule instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role eligibility schedules. +// - roleEligibilityScheduleInstanceName - The name (hash of schedule name + time) of the role eligibility schedule to get. +// - options - RoleEligibilityScheduleInstancesClientGetOptions contains the optional parameters for the RoleEligibilityScheduleInstancesClient.Get +// method. +func (client *RoleEligibilityScheduleInstancesClient) Get(ctx context.Context, scope string, roleEligibilityScheduleInstanceName string, options *RoleEligibilityScheduleInstancesClientGetOptions) (RoleEligibilityScheduleInstancesClientGetResponse, error) { + var err error + const operationName = "RoleEligibilityScheduleInstancesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleEligibilityScheduleInstanceName, options) + if err != nil { + return RoleEligibilityScheduleInstancesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilityScheduleInstancesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilityScheduleInstancesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleEligibilityScheduleInstancesClient) getCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleInstanceName string, options *RoleEligibilityScheduleInstancesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances/{roleEligibilityScheduleInstanceName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleInstanceName == "" { + return nil, errors.New("parameter roleEligibilityScheduleInstanceName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleInstanceName}", url.PathEscape(roleEligibilityScheduleInstanceName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleEligibilityScheduleInstancesClient) getHandleResponse(resp *http.Response) (RoleEligibilityScheduleInstancesClientGetResponse, error) { + result := RoleEligibilityScheduleInstancesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleInstance); err != nil { + return RoleEligibilityScheduleInstancesClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role eligibility schedule instances of a role eligibility schedule. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role eligibility schedule. +// - options - RoleEligibilityScheduleInstancesClientListForScopeOptions contains the optional parameters for the RoleEligibilityScheduleInstancesClient.NewListForScopePager +// method. +func (client *RoleEligibilityScheduleInstancesClient) NewListForScopePager(scope string, options *RoleEligibilityScheduleInstancesClientListForScopeOptions) *runtime.Pager[RoleEligibilityScheduleInstancesClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleEligibilityScheduleInstancesClientListForScopeResponse]{ + More: func(page RoleEligibilityScheduleInstancesClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleEligibilityScheduleInstancesClientListForScopeResponse) (RoleEligibilityScheduleInstancesClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleEligibilityScheduleInstancesClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleEligibilityScheduleInstancesClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleEligibilityScheduleInstancesClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleEligibilityScheduleInstancesClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleEligibilityScheduleInstancesClient) listForScopeHandleResponse(resp *http.Response) (RoleEligibilityScheduleInstancesClientListForScopeResponse, error) { + result := RoleEligibilityScheduleInstancesClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleInstanceListResult); err != nil { + return RoleEligibilityScheduleInstancesClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedulerequests_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedulerequests_client.go new file mode 100644 index 00000000000..0354c57bbab --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedulerequests_client.go @@ -0,0 +1,332 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleEligibilityScheduleRequestsClient contains the methods for the RoleEligibilityScheduleRequests group. +// Don't use this type directly, use NewRoleEligibilityScheduleRequestsClient() instead. +type RoleEligibilityScheduleRequestsClient struct { + internal *arm.Client +} + +// NewRoleEligibilityScheduleRequestsClient creates a new instance of RoleEligibilityScheduleRequestsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleEligibilityScheduleRequestsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleEligibilityScheduleRequestsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleEligibilityScheduleRequestsClient{ + internal: cl, + } + return client, nil +} + +// Cancel - Cancels a pending role eligibility schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role eligibility request to cancel. +// - roleEligibilityScheduleRequestName - The name of the role eligibility request to cancel. +// - options - RoleEligibilityScheduleRequestsClientCancelOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Cancel +// method. +func (client *RoleEligibilityScheduleRequestsClient) Cancel(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, options *RoleEligibilityScheduleRequestsClientCancelOptions) (RoleEligibilityScheduleRequestsClientCancelResponse, error) { + var err error + const operationName = "RoleEligibilityScheduleRequestsClient.Cancel" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.cancelCreateRequest(ctx, scope, roleEligibilityScheduleRequestName, options) + if err != nil { + return RoleEligibilityScheduleRequestsClientCancelResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilityScheduleRequestsClientCancelResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilityScheduleRequestsClientCancelResponse{}, err + } + return RoleEligibilityScheduleRequestsClientCancelResponse{}, nil +} + +// cancelCreateRequest creates the Cancel request. +func (client *RoleEligibilityScheduleRequestsClient) cancelCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, options *RoleEligibilityScheduleRequestsClientCancelOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/cancel" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleRequestName == "" { + return nil, errors.New("parameter roleEligibilityScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleRequestName}", url.PathEscape(roleEligibilityScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Create - Creates a role eligibility schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For +// example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a +// subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' +// for a resource group, and +// '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' +// for a resource. +// - roleEligibilityScheduleRequestName - The name of the role eligibility to create. It can be any valid GUID. +// - parameters - Parameters for the role eligibility schedule request. +// - options - RoleEligibilityScheduleRequestsClientCreateOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Create +// method. +func (client *RoleEligibilityScheduleRequestsClient) Create(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, parameters RoleEligibilityScheduleRequest, options *RoleEligibilityScheduleRequestsClientCreateOptions) (RoleEligibilityScheduleRequestsClientCreateResponse, error) { + var err error + const operationName = "RoleEligibilityScheduleRequestsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, roleEligibilityScheduleRequestName, parameters, options) + if err != nil { + return RoleEligibilityScheduleRequestsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilityScheduleRequestsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilityScheduleRequestsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *RoleEligibilityScheduleRequestsClient) createCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, parameters RoleEligibilityScheduleRequest, options *RoleEligibilityScheduleRequestsClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleRequestName == "" { + return nil, errors.New("parameter roleEligibilityScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleRequestName}", url.PathEscape(roleEligibilityScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *RoleEligibilityScheduleRequestsClient) createHandleResponse(resp *http.Response) (RoleEligibilityScheduleRequestsClientCreateResponse, error) { + result := RoleEligibilityScheduleRequestsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleRequest); err != nil { + return RoleEligibilityScheduleRequestsClientCreateResponse{}, err + } + return result, nil +} + +// Get - Get the specified role eligibility schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role eligibility schedule request. +// - roleEligibilityScheduleRequestName - The name (guid) of the role eligibility schedule request to get. +// - options - RoleEligibilityScheduleRequestsClientGetOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Get +// method. +func (client *RoleEligibilityScheduleRequestsClient) Get(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, options *RoleEligibilityScheduleRequestsClientGetOptions) (RoleEligibilityScheduleRequestsClientGetResponse, error) { + var err error + const operationName = "RoleEligibilityScheduleRequestsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleEligibilityScheduleRequestName, options) + if err != nil { + return RoleEligibilityScheduleRequestsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilityScheduleRequestsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilityScheduleRequestsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleEligibilityScheduleRequestsClient) getCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, options *RoleEligibilityScheduleRequestsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleRequestName == "" { + return nil, errors.New("parameter roleEligibilityScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleRequestName}", url.PathEscape(roleEligibilityScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleEligibilityScheduleRequestsClient) getHandleResponse(resp *http.Response) (RoleEligibilityScheduleRequestsClientGetResponse, error) { + result := RoleEligibilityScheduleRequestsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleRequest); err != nil { + return RoleEligibilityScheduleRequestsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role eligibility schedule requests for a scope. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role eligibility schedule requests. +// - options - RoleEligibilityScheduleRequestsClientListForScopeOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.NewListForScopePager +// method. +func (client *RoleEligibilityScheduleRequestsClient) NewListForScopePager(scope string, options *RoleEligibilityScheduleRequestsClientListForScopeOptions) *runtime.Pager[RoleEligibilityScheduleRequestsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleEligibilityScheduleRequestsClientListForScopeResponse]{ + More: func(page RoleEligibilityScheduleRequestsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleEligibilityScheduleRequestsClientListForScopeResponse) (RoleEligibilityScheduleRequestsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleEligibilityScheduleRequestsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleEligibilityScheduleRequestsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleEligibilityScheduleRequestsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleEligibilityScheduleRequestsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleEligibilityScheduleRequestsClient) listForScopeHandleResponse(resp *http.Response) (RoleEligibilityScheduleRequestsClientListForScopeResponse, error) { + result := RoleEligibilityScheduleRequestsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleRequestListResult); err != nil { + return RoleEligibilityScheduleRequestsClientListForScopeResponse{}, err + } + return result, nil +} + +// Validate - Validates a new role eligibility schedule request. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2022-04-01-preview +// - scope - The scope of the role eligibility request to validate. +// - roleEligibilityScheduleRequestName - The name of the role eligibility request to validate. +// - parameters - Parameters for the role eligibility schedule request. +// - options - RoleEligibilityScheduleRequestsClientValidateOptions contains the optional parameters for the RoleEligibilityScheduleRequestsClient.Validate +// method. +func (client *RoleEligibilityScheduleRequestsClient) Validate(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, parameters RoleEligibilityScheduleRequest, options *RoleEligibilityScheduleRequestsClientValidateOptions) (RoleEligibilityScheduleRequestsClientValidateResponse, error) { + var err error + const operationName = "RoleEligibilityScheduleRequestsClient.Validate" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.validateCreateRequest(ctx, scope, roleEligibilityScheduleRequestName, parameters, options) + if err != nil { + return RoleEligibilityScheduleRequestsClientValidateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilityScheduleRequestsClientValidateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilityScheduleRequestsClientValidateResponse{}, err + } + resp, err := client.validateHandleResponse(httpResp) + return resp, err +} + +// validateCreateRequest creates the Validate request. +func (client *RoleEligibilityScheduleRequestsClient) validateCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleRequestName string, parameters RoleEligibilityScheduleRequest, options *RoleEligibilityScheduleRequestsClientValidateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleRequestName == "" { + return nil, errors.New("parameter roleEligibilityScheduleRequestName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleRequestName}", url.PathEscape(roleEligibilityScheduleRequestName)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2022-04-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// validateHandleResponse handles the Validate response. +func (client *RoleEligibilityScheduleRequestsClient) validateHandleResponse(resp *http.Response) (RoleEligibilityScheduleRequestsClientValidateResponse, error) { + result := RoleEligibilityScheduleRequestsClientValidateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleRequest); err != nil { + return RoleEligibilityScheduleRequestsClientValidateResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedules_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedules_client.go new file mode 100644 index 00000000000..11b0fece2f4 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/roleeligibilityschedules_client.go @@ -0,0 +1,155 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleEligibilitySchedulesClient contains the methods for the RoleEligibilitySchedules group. +// Don't use this type directly, use NewRoleEligibilitySchedulesClient() instead. +type RoleEligibilitySchedulesClient struct { + internal *arm.Client +} + +// NewRoleEligibilitySchedulesClient creates a new instance of RoleEligibilitySchedulesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleEligibilitySchedulesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleEligibilitySchedulesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleEligibilitySchedulesClient{ + internal: cl, + } + return client, nil +} + +// Get - Get the specified role eligibility schedule for a resource scope +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role eligibility schedule. +// - roleEligibilityScheduleName - The name (guid) of the role eligibility schedule to get. +// - options - RoleEligibilitySchedulesClientGetOptions contains the optional parameters for the RoleEligibilitySchedulesClient.Get +// method. +func (client *RoleEligibilitySchedulesClient) Get(ctx context.Context, scope string, roleEligibilityScheduleName string, options *RoleEligibilitySchedulesClientGetOptions) (RoleEligibilitySchedulesClientGetResponse, error) { + var err error + const operationName = "RoleEligibilitySchedulesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleEligibilityScheduleName, options) + if err != nil { + return RoleEligibilitySchedulesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleEligibilitySchedulesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleEligibilitySchedulesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleEligibilitySchedulesClient) getCreateRequest(ctx context.Context, scope string, roleEligibilityScheduleName string, options *RoleEligibilitySchedulesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules/{roleEligibilityScheduleName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleEligibilityScheduleName == "" { + return nil, errors.New("parameter roleEligibilityScheduleName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleEligibilityScheduleName}", url.PathEscape(roleEligibilityScheduleName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleEligibilitySchedulesClient) getHandleResponse(resp *http.Response) (RoleEligibilitySchedulesClientGetResponse, error) { + result := RoleEligibilitySchedulesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilitySchedule); err != nil { + return RoleEligibilitySchedulesClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role eligibility schedules for a resource scope. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role eligibility schedules. +// - options - RoleEligibilitySchedulesClientListForScopeOptions contains the optional parameters for the RoleEligibilitySchedulesClient.NewListForScopePager +// method. +func (client *RoleEligibilitySchedulesClient) NewListForScopePager(scope string, options *RoleEligibilitySchedulesClientListForScopeOptions) *runtime.Pager[RoleEligibilitySchedulesClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleEligibilitySchedulesClientListForScopeResponse]{ + More: func(page RoleEligibilitySchedulesClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleEligibilitySchedulesClientListForScopeResponse) (RoleEligibilitySchedulesClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleEligibilitySchedulesClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleEligibilitySchedulesClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleEligibilitySchedulesClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleEligibilitySchedulesClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + if options != nil && options.Filter != nil { + reqQP.Set("$filter", *options.Filter) + } + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleEligibilitySchedulesClient) listForScopeHandleResponse(resp *http.Response) (RoleEligibilitySchedulesClientListForScopeResponse, error) { + result := RoleEligibilitySchedulesClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleEligibilityScheduleListResult); err != nil { + return RoleEligibilitySchedulesClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicies_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicies_client.go new file mode 100644 index 00000000000..a12c7d731f4 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicies_client.go @@ -0,0 +1,262 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleManagementPoliciesClient contains the methods for the RoleManagementPolicies group. +// Don't use this type directly, use NewRoleManagementPoliciesClient() instead. +type RoleManagementPoliciesClient struct { + internal *arm.Client +} + +// NewRoleManagementPoliciesClient creates a new instance of RoleManagementPoliciesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleManagementPoliciesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleManagementPoliciesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleManagementPoliciesClient{ + internal: cl, + } + return client, nil +} + +// Delete - Delete a role management policy +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy to upsert. +// - roleManagementPolicyName - The name (guid) of the role management policy to upsert. +// - options - RoleManagementPoliciesClientDeleteOptions contains the optional parameters for the RoleManagementPoliciesClient.Delete +// method. +func (client *RoleManagementPoliciesClient) Delete(ctx context.Context, scope string, roleManagementPolicyName string, options *RoleManagementPoliciesClientDeleteOptions) (RoleManagementPoliciesClientDeleteResponse, error) { + var err error + const operationName = "RoleManagementPoliciesClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, scope, roleManagementPolicyName, options) + if err != nil { + return RoleManagementPoliciesClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPoliciesClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPoliciesClientDeleteResponse{}, err + } + return RoleManagementPoliciesClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *RoleManagementPoliciesClient) deleteCreateRequest(ctx context.Context, scope string, roleManagementPolicyName string, options *RoleManagementPoliciesClientDeleteOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyName == "" { + return nil, errors.New("parameter roleManagementPolicyName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyName}", url.PathEscape(roleManagementPolicyName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Get the specified role management policy for a resource scope +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy. +// - roleManagementPolicyName - The name (guid) of the role management policy to get. +// - options - RoleManagementPoliciesClientGetOptions contains the optional parameters for the RoleManagementPoliciesClient.Get +// method. +func (client *RoleManagementPoliciesClient) Get(ctx context.Context, scope string, roleManagementPolicyName string, options *RoleManagementPoliciesClientGetOptions) (RoleManagementPoliciesClientGetResponse, error) { + var err error + const operationName = "RoleManagementPoliciesClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleManagementPolicyName, options) + if err != nil { + return RoleManagementPoliciesClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPoliciesClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPoliciesClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleManagementPoliciesClient) getCreateRequest(ctx context.Context, scope string, roleManagementPolicyName string, options *RoleManagementPoliciesClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyName == "" { + return nil, errors.New("parameter roleManagementPolicyName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyName}", url.PathEscape(roleManagementPolicyName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleManagementPoliciesClient) getHandleResponse(resp *http.Response) (RoleManagementPoliciesClientGetResponse, error) { + result := RoleManagementPoliciesClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicy); err != nil { + return RoleManagementPoliciesClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role management policies for a resource scope. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy. +// - options - RoleManagementPoliciesClientListForScopeOptions contains the optional parameters for the RoleManagementPoliciesClient.NewListForScopePager +// method. +func (client *RoleManagementPoliciesClient) NewListForScopePager(scope string, options *RoleManagementPoliciesClientListForScopeOptions) *runtime.Pager[RoleManagementPoliciesClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleManagementPoliciesClientListForScopeResponse]{ + More: func(page RoleManagementPoliciesClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleManagementPoliciesClientListForScopeResponse) (RoleManagementPoliciesClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleManagementPoliciesClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleManagementPoliciesClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleManagementPoliciesClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleManagementPoliciesClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleManagementPoliciesClient) listForScopeHandleResponse(resp *http.Response) (RoleManagementPoliciesClientListForScopeResponse, error) { + result := RoleManagementPoliciesClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicyListResult); err != nil { + return RoleManagementPoliciesClientListForScopeResponse{}, err + } + return result, nil +} + +// Update - Update a role management policy +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy to upsert. +// - roleManagementPolicyName - The name (guid) of the role management policy to upsert. +// - parameters - Parameters for the role management policy. +// - options - RoleManagementPoliciesClientUpdateOptions contains the optional parameters for the RoleManagementPoliciesClient.Update +// method. +func (client *RoleManagementPoliciesClient) Update(ctx context.Context, scope string, roleManagementPolicyName string, parameters RoleManagementPolicy, options *RoleManagementPoliciesClientUpdateOptions) (RoleManagementPoliciesClientUpdateResponse, error) { + var err error + const operationName = "RoleManagementPoliciesClient.Update" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.updateCreateRequest(ctx, scope, roleManagementPolicyName, parameters, options) + if err != nil { + return RoleManagementPoliciesClientUpdateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPoliciesClientUpdateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPoliciesClientUpdateResponse{}, err + } + resp, err := client.updateHandleResponse(httpResp) + return resp, err +} + +// updateCreateRequest creates the Update request. +func (client *RoleManagementPoliciesClient) updateCreateRequest(ctx context.Context, scope string, roleManagementPolicyName string, parameters RoleManagementPolicy, options *RoleManagementPoliciesClientUpdateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyName == "" { + return nil, errors.New("parameter roleManagementPolicyName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyName}", url.PathEscape(roleManagementPolicyName)) + req, err := runtime.NewRequest(ctx, http.MethodPatch, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// updateHandleResponse handles the Update response. +func (client *RoleManagementPoliciesClient) updateHandleResponse(resp *http.Response) (RoleManagementPoliciesClientUpdateResponse, error) { + result := RoleManagementPoliciesClientUpdateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicy); err != nil { + return RoleManagementPoliciesClientUpdateResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicyassignments_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicyassignments_client.go new file mode 100644 index 00000000000..a2f7e67309b --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/rolemanagementpolicyassignments_client.go @@ -0,0 +1,262 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// RoleManagementPolicyAssignmentsClient contains the methods for the RoleManagementPolicyAssignments group. +// Don't use this type directly, use NewRoleManagementPolicyAssignmentsClient() instead. +type RoleManagementPolicyAssignmentsClient struct { + internal *arm.Client +} + +// NewRoleManagementPolicyAssignmentsClient creates a new instance of RoleManagementPolicyAssignmentsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewRoleManagementPolicyAssignmentsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*RoleManagementPolicyAssignmentsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &RoleManagementPolicyAssignmentsClient{ + internal: cl, + } + return client, nil +} + +// Create - Create a role management policy assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy assignment to upsert. +// - roleManagementPolicyAssignmentName - The name of format {guid_guid} the role management policy assignment to upsert. +// - parameters - Parameters for the role management policy assignment. +// - options - RoleManagementPolicyAssignmentsClientCreateOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Create +// method. +func (client *RoleManagementPolicyAssignmentsClient) Create(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, parameters RoleManagementPolicyAssignment, options *RoleManagementPolicyAssignmentsClientCreateOptions) (RoleManagementPolicyAssignmentsClientCreateResponse, error) { + var err error + const operationName = "RoleManagementPolicyAssignmentsClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, roleManagementPolicyAssignmentName, parameters, options) + if err != nil { + return RoleManagementPolicyAssignmentsClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPolicyAssignmentsClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusCreated) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPolicyAssignmentsClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *RoleManagementPolicyAssignmentsClient) createCreateRequest(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, parameters RoleManagementPolicyAssignment, options *RoleManagementPolicyAssignmentsClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyAssignmentName == "" { + return nil, errors.New("parameter roleManagementPolicyAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyAssignmentName}", url.PathEscape(roleManagementPolicyAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, parameters); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *RoleManagementPolicyAssignmentsClient) createHandleResponse(resp *http.Response) (RoleManagementPolicyAssignmentsClientCreateResponse, error) { + result := RoleManagementPolicyAssignmentsClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicyAssignment); err != nil { + return RoleManagementPolicyAssignmentsClientCreateResponse{}, err + } + return result, nil +} + +// Delete - Delete a role management policy assignment +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy assignment to delete. +// - roleManagementPolicyAssignmentName - The name of format {guid_guid} the role management policy assignment to delete. +// - options - RoleManagementPolicyAssignmentsClientDeleteOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Delete +// method. +func (client *RoleManagementPolicyAssignmentsClient) Delete(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, options *RoleManagementPolicyAssignmentsClientDeleteOptions) (RoleManagementPolicyAssignmentsClientDeleteResponse, error) { + var err error + const operationName = "RoleManagementPolicyAssignmentsClient.Delete" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteCreateRequest(ctx, scope, roleManagementPolicyAssignmentName, options) + if err != nil { + return RoleManagementPolicyAssignmentsClientDeleteResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPolicyAssignmentsClientDeleteResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPolicyAssignmentsClientDeleteResponse{}, err + } + return RoleManagementPolicyAssignmentsClientDeleteResponse{}, nil +} + +// deleteCreateRequest creates the Delete request. +func (client *RoleManagementPolicyAssignmentsClient) deleteCreateRequest(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, options *RoleManagementPolicyAssignmentsClientDeleteOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyAssignmentName == "" { + return nil, errors.New("parameter roleManagementPolicyAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyAssignmentName}", url.PathEscape(roleManagementPolicyAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Get - Get the specified role management policy assignment for a resource scope +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy. +// - roleManagementPolicyAssignmentName - The name of format {guid_guid} the role management policy assignment to get. +// - options - RoleManagementPolicyAssignmentsClientGetOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.Get +// method. +func (client *RoleManagementPolicyAssignmentsClient) Get(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, options *RoleManagementPolicyAssignmentsClientGetOptions) (RoleManagementPolicyAssignmentsClientGetResponse, error) { + var err error + const operationName = "RoleManagementPolicyAssignmentsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, roleManagementPolicyAssignmentName, options) + if err != nil { + return RoleManagementPolicyAssignmentsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return RoleManagementPolicyAssignmentsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return RoleManagementPolicyAssignmentsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *RoleManagementPolicyAssignmentsClient) getCreateRequest(ctx context.Context, scope string, roleManagementPolicyAssignmentName string, options *RoleManagementPolicyAssignmentsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + if roleManagementPolicyAssignmentName == "" { + return nil, errors.New("parameter roleManagementPolicyAssignmentName cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{roleManagementPolicyAssignmentName}", url.PathEscape(roleManagementPolicyAssignmentName)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *RoleManagementPolicyAssignmentsClient) getHandleResponse(resp *http.Response) (RoleManagementPolicyAssignmentsClientGetResponse, error) { + result := RoleManagementPolicyAssignmentsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicyAssignment); err != nil { + return RoleManagementPolicyAssignmentsClientGetResponse{}, err + } + return result, nil +} + +// NewListForScopePager - Gets role management assignment policies for a resource scope. +// +// Generated from API version 2020-10-01-preview +// - scope - The scope of the role management policy. +// - options - RoleManagementPolicyAssignmentsClientListForScopeOptions contains the optional parameters for the RoleManagementPolicyAssignmentsClient.NewListForScopePager +// method. +func (client *RoleManagementPolicyAssignmentsClient) NewListForScopePager(scope string, options *RoleManagementPolicyAssignmentsClientListForScopeOptions) *runtime.Pager[RoleManagementPolicyAssignmentsClientListForScopeResponse] { + return runtime.NewPager(runtime.PagingHandler[RoleManagementPolicyAssignmentsClientListForScopeResponse]{ + More: func(page RoleManagementPolicyAssignmentsClientListForScopeResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *RoleManagementPolicyAssignmentsClientListForScopeResponse) (RoleManagementPolicyAssignmentsClientListForScopeResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "RoleManagementPolicyAssignmentsClient.NewListForScopePager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listForScopeCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return RoleManagementPolicyAssignmentsClientListForScopeResponse{}, err + } + return client.listForScopeHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listForScopeCreateRequest creates the ListForScope request. +func (client *RoleManagementPolicyAssignmentsClient) listForScopeCreateRequest(ctx context.Context, scope string, options *RoleManagementPolicyAssignmentsClientListForScopeOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments" + urlPath = strings.ReplaceAll(urlPath, "{scope}", scope) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2020-10-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listForScopeHandleResponse handles the ListForScope response. +func (client *RoleManagementPolicyAssignmentsClient) listForScopeHandleResponse(resp *http.Response) (RoleManagementPolicyAssignmentsClientListForScopeResponse, error) { + result := RoleManagementPolicyAssignmentsClientListForScopeResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.RoleManagementPolicyAssignmentListResult); err != nil { + return RoleManagementPolicyAssignmentsClientListForScopeResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewdefaultsettings_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewdefaultsettings_client.go new file mode 100644 index 00000000000..0888c76f3ff --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewdefaultsettings_client.go @@ -0,0 +1,157 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewDefaultSettingsClient contains the methods for the ScopeAccessReviewDefaultSettings group. +// Don't use this type directly, use NewScopeAccessReviewDefaultSettingsClient() instead. +type ScopeAccessReviewDefaultSettingsClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewDefaultSettingsClient creates a new instance of ScopeAccessReviewDefaultSettingsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewDefaultSettingsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewDefaultSettingsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewDefaultSettingsClient{ + internal: cl, + } + return client, nil +} + +// Get - Get access review default settings for the subscription +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - options - ScopeAccessReviewDefaultSettingsClientGetOptions contains the optional parameters for the ScopeAccessReviewDefaultSettingsClient.Get +// method. +func (client *ScopeAccessReviewDefaultSettingsClient) Get(ctx context.Context, scope string, options *ScopeAccessReviewDefaultSettingsClientGetOptions) (ScopeAccessReviewDefaultSettingsClientGetResponse, error) { + var err error + const operationName = "ScopeAccessReviewDefaultSettingsClient.Get" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getCreateRequest(ctx, scope, options) + if err != nil { + return ScopeAccessReviewDefaultSettingsClientGetResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewDefaultSettingsClientGetResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewDefaultSettingsClientGetResponse{}, err + } + resp, err := client.getHandleResponse(httpResp) + return resp, err +} + +// getCreateRequest creates the Get request. +func (client *ScopeAccessReviewDefaultSettingsClient) getCreateRequest(ctx context.Context, scope string, options *ScopeAccessReviewDefaultSettingsClientGetOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleSettings/default" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getHandleResponse handles the Get response. +func (client *ScopeAccessReviewDefaultSettingsClient) getHandleResponse(resp *http.Response) (ScopeAccessReviewDefaultSettingsClientGetResponse, error) { + result := ScopeAccessReviewDefaultSettingsClientGetResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDefaultSettings); err != nil { + return ScopeAccessReviewDefaultSettingsClientGetResponse{}, err + } + return result, nil +} + +// Put - Get access review default settings for the subscription +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - properties - Access review schedule settings. +// - options - ScopeAccessReviewDefaultSettingsClientPutOptions contains the optional parameters for the ScopeAccessReviewDefaultSettingsClient.Put +// method. +func (client *ScopeAccessReviewDefaultSettingsClient) Put(ctx context.Context, scope string, properties AccessReviewScheduleSettings, options *ScopeAccessReviewDefaultSettingsClientPutOptions) (ScopeAccessReviewDefaultSettingsClientPutResponse, error) { + var err error + const operationName = "ScopeAccessReviewDefaultSettingsClient.Put" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.putCreateRequest(ctx, scope, properties, options) + if err != nil { + return ScopeAccessReviewDefaultSettingsClientPutResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewDefaultSettingsClientPutResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewDefaultSettingsClientPutResponse{}, err + } + resp, err := client.putHandleResponse(httpResp) + return resp, err +} + +// putCreateRequest creates the Put request. +func (client *ScopeAccessReviewDefaultSettingsClient) putCreateRequest(ctx context.Context, scope string, properties AccessReviewScheduleSettings, options *ScopeAccessReviewDefaultSettingsClientPutOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleSettings/default" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// putHandleResponse handles the Put response. +func (client *ScopeAccessReviewDefaultSettingsClient) putHandleResponse(resp *http.Response) (ScopeAccessReviewDefaultSettingsClientPutResponse, error) { + result := ScopeAccessReviewDefaultSettingsClientPutResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDefaultSettings); err != nil { + return ScopeAccessReviewDefaultSettingsClientPutResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinition_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinition_client.go new file mode 100644 index 00000000000..0856945eea7 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinition_client.go @@ -0,0 +1,157 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewHistoryDefinitionClient contains the methods for the ScopeAccessReviewHistoryDefinition group. +// Don't use this type directly, use NewScopeAccessReviewHistoryDefinitionClient() instead. +type ScopeAccessReviewHistoryDefinitionClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewHistoryDefinitionClient creates a new instance of ScopeAccessReviewHistoryDefinitionClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewHistoryDefinitionClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewHistoryDefinitionClient{ + internal: cl, + } + return client, nil +} + +// Create - Create a scheduled or one-time Access Review History Definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - historyDefinitionID - The id of the access review history definition. +// - properties - Access review history definition properties. +// - options - ScopeAccessReviewHistoryDefinitionClientCreateOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionClient.Create +// method. +func (client *ScopeAccessReviewHistoryDefinitionClient) Create(ctx context.Context, scope string, historyDefinitionID string, properties AccessReviewHistoryDefinitionProperties, options *ScopeAccessReviewHistoryDefinitionClientCreateOptions) (ScopeAccessReviewHistoryDefinitionClientCreateResponse, error) { + var err error + const operationName = "ScopeAccessReviewHistoryDefinitionClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, historyDefinitionID, properties, options) + if err != nil { + return ScopeAccessReviewHistoryDefinitionClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewHistoryDefinitionClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewHistoryDefinitionClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *ScopeAccessReviewHistoryDefinitionClient) createCreateRequest(ctx context.Context, scope string, historyDefinitionID string, properties AccessReviewHistoryDefinitionProperties, options *ScopeAccessReviewHistoryDefinitionClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *ScopeAccessReviewHistoryDefinitionClient) createHandleResponse(resp *http.Response) (ScopeAccessReviewHistoryDefinitionClientCreateResponse, error) { + result := ScopeAccessReviewHistoryDefinitionClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinition); err != nil { + return ScopeAccessReviewHistoryDefinitionClientCreateResponse{}, err + } + return result, nil +} + +// DeleteByID - Delete an access review history definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - historyDefinitionID - The id of the access review history definition. +// - options - ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionClient.DeleteByID +// method. +func (client *ScopeAccessReviewHistoryDefinitionClient) DeleteByID(ctx context.Context, scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions) (ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewHistoryDefinitionClient.DeleteByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteByIDCreateRequest(ctx, scope, historyDefinitionID, options) + if err != nil { + return ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse{}, err + } + return ScopeAccessReviewHistoryDefinitionClientDeleteByIDResponse{}, nil +} + +// deleteByIDCreateRequest creates the DeleteByID request. +func (client *ScopeAccessReviewHistoryDefinitionClient) deleteByIDCreateRequest(ctx context.Context, scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionClientDeleteByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstance_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstance_client.go new file mode 100644 index 00000000000..a692a1d0b74 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstance_client.go @@ -0,0 +1,108 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewHistoryDefinitionInstanceClient contains the methods for the ScopeAccessReviewHistoryDefinitionInstance group. +// Don't use this type directly, use NewScopeAccessReviewHistoryDefinitionInstanceClient() instead. +type ScopeAccessReviewHistoryDefinitionInstanceClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewHistoryDefinitionInstanceClient creates a new instance of ScopeAccessReviewHistoryDefinitionInstanceClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewHistoryDefinitionInstanceClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionInstanceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewHistoryDefinitionInstanceClient{ + internal: cl, + } + return client, nil +} + +// GenerateDownloadURI - Generates a uri which can be used to retrieve review history data. This URI has a TTL of 1 day and +// can be retrieved by fetching the accessReviewHistoryDefinition object. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - historyDefinitionID - The id of the access review history definition. +// - instanceID - The id of the access review history definition instance to generate a URI for. +// - options - ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions contains the optional parameters for +// the ScopeAccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI method. +func (client *ScopeAccessReviewHistoryDefinitionInstanceClient) GenerateDownloadURI(ctx context.Context, scope string, historyDefinitionID string, instanceID string, options *ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error) { + var err error + const operationName = "ScopeAccessReviewHistoryDefinitionInstanceClient.GenerateDownloadURI" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.generateDownloadURICreateRequest(ctx, scope, historyDefinitionID, instanceID, options) + if err != nil { + return ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + resp, err := client.generateDownloadURIHandleResponse(httpResp) + return resp, err +} + +// generateDownloadURICreateRequest creates the GenerateDownloadURI request. +func (client *ScopeAccessReviewHistoryDefinitionInstanceClient) generateDownloadURICreateRequest(ctx context.Context, scope string, historyDefinitionID string, instanceID string, options *ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}/instances/{instanceId}/generateDownloadUri" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + if instanceID == "" { + return nil, errors.New("parameter instanceID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{instanceId}", url.PathEscape(instanceID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// generateDownloadURIHandleResponse handles the GenerateDownloadURI response. +func (client *ScopeAccessReviewHistoryDefinitionInstanceClient) generateDownloadURIHandleResponse(resp *http.Response) (ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse, error) { + result := ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryInstance); err != nil { + return ScopeAccessReviewHistoryDefinitionInstanceClientGenerateDownloadURIResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstances_client.go new file mode 100644 index 00000000000..ab2ea512972 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitioninstances_client.go @@ -0,0 +1,102 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewHistoryDefinitionInstancesClient contains the methods for the ScopeAccessReviewHistoryDefinitionInstances group. +// Don't use this type directly, use NewScopeAccessReviewHistoryDefinitionInstancesClient() instead. +type ScopeAccessReviewHistoryDefinitionInstancesClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewHistoryDefinitionInstancesClient creates a new instance of ScopeAccessReviewHistoryDefinitionInstancesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewHistoryDefinitionInstancesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewHistoryDefinitionInstancesClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review history definition instances by definition Id +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - historyDefinitionID - The id of the access review history definition. +// - options - ScopeAccessReviewHistoryDefinitionInstancesClientListOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionInstancesClient.NewListPager +// method. +func (client *ScopeAccessReviewHistoryDefinitionInstancesClient) NewListPager(scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionInstancesClientListOptions) *runtime.Pager[ScopeAccessReviewHistoryDefinitionInstancesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewHistoryDefinitionInstancesClientListResponse]{ + More: func(page ScopeAccessReviewHistoryDefinitionInstancesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewHistoryDefinitionInstancesClientListResponse) (ScopeAccessReviewHistoryDefinitionInstancesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewHistoryDefinitionInstancesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, historyDefinitionID, options) + }, nil) + if err != nil { + return ScopeAccessReviewHistoryDefinitionInstancesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewHistoryDefinitionInstancesClient) listCreateRequest(ctx context.Context, scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionInstancesClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}/instances" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewHistoryDefinitionInstancesClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewHistoryDefinitionInstancesClientListResponse, error) { + result := ScopeAccessReviewHistoryDefinitionInstancesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinitionInstanceListResult); err != nil { + return ScopeAccessReviewHistoryDefinitionInstancesClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitions_client.go new file mode 100644 index 00000000000..b0765846831 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewhistorydefinitions_client.go @@ -0,0 +1,164 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewHistoryDefinitionsClient contains the methods for the ScopeAccessReviewHistoryDefinitions group. +// Don't use this type directly, use NewScopeAccessReviewHistoryDefinitionsClient() instead. +type ScopeAccessReviewHistoryDefinitionsClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewHistoryDefinitionsClient creates a new instance of ScopeAccessReviewHistoryDefinitionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewHistoryDefinitionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewHistoryDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewHistoryDefinitionsClient{ + internal: cl, + } + return client, nil +} + +// GetByID - Get access review history definition by definition Id +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - historyDefinitionID - The id of the access review history definition. +// - options - ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionsClient.GetByID +// method. +func (client *ScopeAccessReviewHistoryDefinitionsClient) GetByID(ctx context.Context, scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions) (ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewHistoryDefinitionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scope, historyDefinitionID, options) + if err != nil { + return ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *ScopeAccessReviewHistoryDefinitionsClient) getByIDCreateRequest(ctx context.Context, scope string, historyDefinitionID string, options *ScopeAccessReviewHistoryDefinitionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions/{historyDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if historyDefinitionID == "" { + return nil, errors.New("parameter historyDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{historyDefinitionId}", url.PathEscape(historyDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *ScopeAccessReviewHistoryDefinitionsClient) getByIDHandleResponse(resp *http.Response) (ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse, error) { + result := ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinition); err != nil { + return ScopeAccessReviewHistoryDefinitionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Lists the accessReviewHistoryDefinitions available from this provider, definition instances are only available +// for 30 days after creation. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - options - ScopeAccessReviewHistoryDefinitionsClientListOptions contains the optional parameters for the ScopeAccessReviewHistoryDefinitionsClient.NewListPager +// method. +func (client *ScopeAccessReviewHistoryDefinitionsClient) NewListPager(scope string, options *ScopeAccessReviewHistoryDefinitionsClientListOptions) *runtime.Pager[ScopeAccessReviewHistoryDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewHistoryDefinitionsClientListResponse]{ + More: func(page ScopeAccessReviewHistoryDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewHistoryDefinitionsClientListResponse) (ScopeAccessReviewHistoryDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewHistoryDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return ScopeAccessReviewHistoryDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewHistoryDefinitionsClient) listCreateRequest(ctx context.Context, scope string, options *ScopeAccessReviewHistoryDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewHistoryDefinitions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewHistoryDefinitionsClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewHistoryDefinitionsClientListResponse, error) { + result := ScopeAccessReviewHistoryDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewHistoryDefinitionListResult); err != nil { + return ScopeAccessReviewHistoryDefinitionsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstance_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstance_client.go new file mode 100644 index 00000000000..ed82939bf84 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstance_client.go @@ -0,0 +1,325 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewInstanceClient contains the methods for the ScopeAccessReviewInstance group. +// Don't use this type directly, use NewScopeAccessReviewInstanceClient() instead. +type ScopeAccessReviewInstanceClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewInstanceClient creates a new instance of ScopeAccessReviewInstanceClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewInstanceClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewInstanceClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewInstanceClient{ + internal: cl, + } + return client, nil +} + +// ApplyDecisions - An action to apply all decisions for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceClientApplyDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.ApplyDecisions +// method. +func (client *ScopeAccessReviewInstanceClient) ApplyDecisions(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientApplyDecisionsOptions) (ScopeAccessReviewInstanceClientApplyDecisionsResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstanceClient.ApplyDecisions" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.applyDecisionsCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + if err != nil { + return ScopeAccessReviewInstanceClientApplyDecisionsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstanceClientApplyDecisionsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstanceClientApplyDecisionsResponse{}, err + } + return ScopeAccessReviewInstanceClientApplyDecisionsResponse{}, nil +} + +// applyDecisionsCreateRequest creates the ApplyDecisions request. +func (client *ScopeAccessReviewInstanceClient) applyDecisionsCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientApplyDecisionsOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/applyDecisions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// RecordAllDecisions - An action to approve/deny all decisions for a review with certain filters. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - properties - Record all decisions payload. +// - options - ScopeAccessReviewInstanceClientRecordAllDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.RecordAllDecisions +// method. +func (client *ScopeAccessReviewInstanceClient) RecordAllDecisions(ctx context.Context, scope string, scheduleDefinitionID string, id string, properties RecordAllDecisionsProperties, options *ScopeAccessReviewInstanceClientRecordAllDecisionsOptions) (ScopeAccessReviewInstanceClientRecordAllDecisionsResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstanceClient.RecordAllDecisions" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.recordAllDecisionsCreateRequest(ctx, scope, scheduleDefinitionID, id, properties, options) + if err != nil { + return ScopeAccessReviewInstanceClientRecordAllDecisionsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstanceClientRecordAllDecisionsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstanceClientRecordAllDecisionsResponse{}, err + } + return ScopeAccessReviewInstanceClientRecordAllDecisionsResponse{}, nil +} + +// recordAllDecisionsCreateRequest creates the RecordAllDecisions request. +func (client *ScopeAccessReviewInstanceClient) recordAllDecisionsCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, properties RecordAllDecisionsProperties, options *ScopeAccessReviewInstanceClientRecordAllDecisionsOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/recordAllDecisions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// ResetDecisions - An action to reset all decisions for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceClientResetDecisionsOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.ResetDecisions +// method. +func (client *ScopeAccessReviewInstanceClient) ResetDecisions(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientResetDecisionsOptions) (ScopeAccessReviewInstanceClientResetDecisionsResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstanceClient.ResetDecisions" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.resetDecisionsCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + if err != nil { + return ScopeAccessReviewInstanceClientResetDecisionsResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstanceClientResetDecisionsResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstanceClientResetDecisionsResponse{}, err + } + return ScopeAccessReviewInstanceClientResetDecisionsResponse{}, nil +} + +// resetDecisionsCreateRequest creates the ResetDecisions request. +func (client *ScopeAccessReviewInstanceClient) resetDecisionsCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientResetDecisionsOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/resetDecisions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// SendReminders - An action to send reminders for an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceClientSendRemindersOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.SendReminders +// method. +func (client *ScopeAccessReviewInstanceClient) SendReminders(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientSendRemindersOptions) (ScopeAccessReviewInstanceClientSendRemindersResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstanceClient.SendReminders" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.sendRemindersCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + if err != nil { + return ScopeAccessReviewInstanceClientSendRemindersResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstanceClientSendRemindersResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstanceClientSendRemindersResponse{}, err + } + return ScopeAccessReviewInstanceClientSendRemindersResponse{}, nil +} + +// sendRemindersCreateRequest creates the SendReminders request. +func (client *ScopeAccessReviewInstanceClient) sendRemindersCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientSendRemindersOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/sendReminders" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// Stop - An action to stop an access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceClientStopOptions contains the optional parameters for the ScopeAccessReviewInstanceClient.Stop +// method. +func (client *ScopeAccessReviewInstanceClient) Stop(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientStopOptions) (ScopeAccessReviewInstanceClientStopResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstanceClient.Stop" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.stopCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + if err != nil { + return ScopeAccessReviewInstanceClientStopResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstanceClientStopResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstanceClientStopResponse{}, err + } + return ScopeAccessReviewInstanceClientStopResponse{}, nil +} + +// stopCreateRequest creates the Stop request. +func (client *ScopeAccessReviewInstanceClient) stopCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceClientStopOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/stop" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancecontactedreviewers_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancecontactedreviewers_client.go new file mode 100644 index 00000000000..a99df9bd349 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancecontactedreviewers_client.go @@ -0,0 +1,107 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewInstanceContactedReviewersClient contains the methods for the ScopeAccessReviewInstanceContactedReviewers group. +// Don't use this type directly, use NewScopeAccessReviewInstanceContactedReviewersClient() instead. +type ScopeAccessReviewInstanceContactedReviewersClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewInstanceContactedReviewersClient creates a new instance of ScopeAccessReviewInstanceContactedReviewersClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewInstanceContactedReviewersClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewInstanceContactedReviewersClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewInstanceContactedReviewersClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instance contacted reviewers +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the ScopeAccessReviewInstanceContactedReviewersClient.NewListPager +// method. +func (client *ScopeAccessReviewInstanceContactedReviewersClient) NewListPager(scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[ScopeAccessReviewInstanceContactedReviewersClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewInstanceContactedReviewersClientListResponse]{ + More: func(page ScopeAccessReviewInstanceContactedReviewersClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewInstanceContactedReviewersClientListResponse) (ScopeAccessReviewInstanceContactedReviewersClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewInstanceContactedReviewersClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return ScopeAccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewInstanceContactedReviewersClient) listCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceContactedReviewersClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/contactedReviewers" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewInstanceContactedReviewersClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewInstanceContactedReviewersClientListResponse, error) { + result := ScopeAccessReviewInstanceContactedReviewersClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewContactedReviewerListResult); err != nil { + return ScopeAccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancedecisions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancedecisions_client.go new file mode 100644 index 00000000000..a407450b761 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstancedecisions_client.go @@ -0,0 +1,112 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewInstanceDecisionsClient contains the methods for the ScopeAccessReviewInstanceDecisions group. +// Don't use this type directly, use NewScopeAccessReviewInstanceDecisionsClient() instead. +type ScopeAccessReviewInstanceDecisionsClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewInstanceDecisionsClient creates a new instance of ScopeAccessReviewInstanceDecisionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewInstanceDecisionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewInstanceDecisionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewInstanceDecisionsClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instance decisions +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstanceDecisionsClientListOptions contains the optional parameters for the ScopeAccessReviewInstanceDecisionsClient.NewListPager +// method. +func (client *ScopeAccessReviewInstanceDecisionsClient) NewListPager(scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceDecisionsClientListOptions) *runtime.Pager[ScopeAccessReviewInstanceDecisionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewInstanceDecisionsClientListResponse]{ + More: func(page ScopeAccessReviewInstanceDecisionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewInstanceDecisionsClientListResponse) (ScopeAccessReviewInstanceDecisionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewInstanceDecisionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return ScopeAccessReviewInstanceDecisionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewInstanceDecisionsClient) listCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstanceDecisionsClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/decisions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewInstanceDecisionsClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewInstanceDecisionsClientListResponse, error) { + result := ScopeAccessReviewInstanceDecisionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewDecisionListResult); err != nil { + return ScopeAccessReviewInstanceDecisionsClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstances_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstances_client.go new file mode 100644 index 00000000000..918526a1c6c --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewinstances_client.go @@ -0,0 +1,243 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewInstancesClient contains the methods for the ScopeAccessReviewInstances group. +// Don't use this type directly, use NewScopeAccessReviewInstancesClient() instead. +type ScopeAccessReviewInstancesClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewInstancesClient creates a new instance of ScopeAccessReviewInstancesClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewInstancesClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewInstancesClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewInstancesClient{ + internal: cl, + } + return client, nil +} + +// Create - Update access review instance. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - properties - Access review instance properties. +// - options - ScopeAccessReviewInstancesClientCreateOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.Create +// method. +func (client *ScopeAccessReviewInstancesClient) Create(ctx context.Context, scope string, scheduleDefinitionID string, id string, properties AccessReviewInstanceProperties, options *ScopeAccessReviewInstancesClientCreateOptions) (ScopeAccessReviewInstancesClientCreateResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstancesClient.Create" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createCreateRequest(ctx, scope, scheduleDefinitionID, id, properties, options) + if err != nil { + return ScopeAccessReviewInstancesClientCreateResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstancesClientCreateResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstancesClientCreateResponse{}, err + } + resp, err := client.createHandleResponse(httpResp) + return resp, err +} + +// createCreateRequest creates the Create request. +func (client *ScopeAccessReviewInstancesClient) createCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, properties AccessReviewInstanceProperties, options *ScopeAccessReviewInstancesClientCreateOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createHandleResponse handles the Create response. +func (client *ScopeAccessReviewInstancesClient) createHandleResponse(resp *http.Response) (ScopeAccessReviewInstancesClientCreateResponse, error) { + result := ScopeAccessReviewInstancesClientCreateResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstance); err != nil { + return ScopeAccessReviewInstancesClientCreateResponse{}, err + } + return result, nil +} + +// GetByID - Get access review instances +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - ScopeAccessReviewInstancesClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.GetByID +// method. +func (client *ScopeAccessReviewInstancesClient) GetByID(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstancesClientGetByIDOptions) (ScopeAccessReviewInstancesClientGetByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewInstancesClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scope, scheduleDefinitionID, id, options) + if err != nil { + return ScopeAccessReviewInstancesClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewInstancesClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewInstancesClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *ScopeAccessReviewInstancesClient) getByIDCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, id string, options *ScopeAccessReviewInstancesClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *ScopeAccessReviewInstancesClient) getByIDHandleResponse(resp *http.Response) (ScopeAccessReviewInstancesClientGetByIDResponse, error) { + result := ScopeAccessReviewInstancesClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstance); err != nil { + return ScopeAccessReviewInstancesClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get access review instances +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - ScopeAccessReviewInstancesClientListOptions contains the optional parameters for the ScopeAccessReviewInstancesClient.NewListPager +// method. +func (client *ScopeAccessReviewInstancesClient) NewListPager(scope string, scheduleDefinitionID string, options *ScopeAccessReviewInstancesClientListOptions) *runtime.Pager[ScopeAccessReviewInstancesClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewInstancesClientListResponse]{ + More: func(page ScopeAccessReviewInstancesClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewInstancesClientListResponse) (ScopeAccessReviewInstancesClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewInstancesClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, scheduleDefinitionID, options) + }, nil) + if err != nil { + return ScopeAccessReviewInstancesClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewInstancesClient) listCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewInstancesClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewInstancesClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewInstancesClientListResponse, error) { + result := ScopeAccessReviewInstancesClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewInstanceListResult); err != nil { + return ScopeAccessReviewInstancesClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewscheduledefinitions_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewscheduledefinitions_client.go new file mode 100644 index 00000000000..5700d5ab153 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/scopeaccessreviewscheduledefinitions_client.go @@ -0,0 +1,330 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// ScopeAccessReviewScheduleDefinitionsClient contains the methods for the ScopeAccessReviewScheduleDefinitions group. +// Don't use this type directly, use NewScopeAccessReviewScheduleDefinitionsClient() instead. +type ScopeAccessReviewScheduleDefinitionsClient struct { + internal *arm.Client +} + +// NewScopeAccessReviewScheduleDefinitionsClient creates a new instance of ScopeAccessReviewScheduleDefinitionsClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewScopeAccessReviewScheduleDefinitionsClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*ScopeAccessReviewScheduleDefinitionsClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &ScopeAccessReviewScheduleDefinitionsClient{ + internal: cl, + } + return client, nil +} + +// CreateOrUpdateByID - Create or Update access review schedule definition. +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - properties - Access review schedule definition properties. +// - options - ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions contains the optional parameters for the +// ScopeAccessReviewScheduleDefinitionsClient.CreateOrUpdateByID method. +func (client *ScopeAccessReviewScheduleDefinitionsClient) CreateOrUpdateByID(ctx context.Context, scope string, scheduleDefinitionID string, properties AccessReviewScheduleDefinitionProperties, options *ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewScheduleDefinitionsClient.CreateOrUpdateByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.createOrUpdateByIDCreateRequest(ctx, scope, scheduleDefinitionID, properties, options) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + resp, err := client.createOrUpdateByIDHandleResponse(httpResp) + return resp, err +} + +// createOrUpdateByIDCreateRequest creates the CreateOrUpdateByID request. +func (client *ScopeAccessReviewScheduleDefinitionsClient) createOrUpdateByIDCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, properties AccessReviewScheduleDefinitionProperties, options *ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPut, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + if err := runtime.MarshalAsJSON(req, properties); err != nil { + return nil, err + } + return req, nil +} + +// createOrUpdateByIDHandleResponse handles the CreateOrUpdateByID response. +func (client *ScopeAccessReviewScheduleDefinitionsClient) createOrUpdateByIDHandleResponse(resp *http.Response) (ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse, error) { + result := ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinition); err != nil { + return ScopeAccessReviewScheduleDefinitionsClientCreateOrUpdateByIDResponse{}, err + } + return result, nil +} + +// DeleteByID - Delete access review schedule definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.DeleteByID +// method. +func (client *ScopeAccessReviewScheduleDefinitionsClient) DeleteByID(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewScheduleDefinitionsClient.DeleteByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.deleteByIDCreateRequest(ctx, scope, scheduleDefinitionID, options) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, err + } + return ScopeAccessReviewScheduleDefinitionsClientDeleteByIDResponse{}, nil +} + +// deleteByIDCreateRequest creates the DeleteByID request. +func (client *ScopeAccessReviewScheduleDefinitionsClient) deleteByIDCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientDeleteByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodDelete, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// GetByID - Get single access review definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.GetByID +// method. +func (client *ScopeAccessReviewScheduleDefinitionsClient) GetByID(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions) (ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse, error) { + var err error + const operationName = "ScopeAccessReviewScheduleDefinitionsClient.GetByID" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.getByIDCreateRequest(ctx, scope, scheduleDefinitionID, options) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusOK) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + resp, err := client.getByIDHandleResponse(httpResp) + return resp, err +} + +// getByIDCreateRequest creates the GetByID request. +func (client *ScopeAccessReviewScheduleDefinitionsClient) getByIDCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientGetByIDOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// getByIDHandleResponse handles the GetByID response. +func (client *ScopeAccessReviewScheduleDefinitionsClient) getByIDHandleResponse(resp *http.Response) (ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse, error) { + result := ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinition); err != nil { + return ScopeAccessReviewScheduleDefinitionsClientGetByIDResponse{}, err + } + return result, nil +} + +// NewListPager - Get access review schedule definitions +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - options - ScopeAccessReviewScheduleDefinitionsClientListOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.NewListPager +// method. +func (client *ScopeAccessReviewScheduleDefinitionsClient) NewListPager(scope string, options *ScopeAccessReviewScheduleDefinitionsClientListOptions) *runtime.Pager[ScopeAccessReviewScheduleDefinitionsClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[ScopeAccessReviewScheduleDefinitionsClientListResponse]{ + More: func(page ScopeAccessReviewScheduleDefinitionsClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *ScopeAccessReviewScheduleDefinitionsClientListResponse) (ScopeAccessReviewScheduleDefinitionsClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "ScopeAccessReviewScheduleDefinitionsClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scope, options) + }, nil) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *ScopeAccessReviewScheduleDefinitionsClient) listCreateRequest(ctx context.Context, scope string, options *ScopeAccessReviewScheduleDefinitionsClientListOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + unencodedParams := []string{req.Raw().URL.RawQuery} + if options != nil && options.Filter != nil { + unencodedParams = append(unencodedParams, "$filter="+*options.Filter) + } + req.Raw().URL.RawQuery = strings.Join(unencodedParams, "&") + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *ScopeAccessReviewScheduleDefinitionsClient) listHandleResponse(resp *http.Response) (ScopeAccessReviewScheduleDefinitionsClientListResponse, error) { + result := ScopeAccessReviewScheduleDefinitionsClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewScheduleDefinitionListResult); err != nil { + return ScopeAccessReviewScheduleDefinitionsClientListResponse{}, err + } + return result, nil +} + +// Stop - Stop access review definition +// If the operation fails it returns an *azcore.ResponseError type. +// +// Generated from API version 2021-12-01-preview +// - scope - The scope of the resource. +// - scheduleDefinitionID - The id of the access review schedule definition. +// - options - ScopeAccessReviewScheduleDefinitionsClientStopOptions contains the optional parameters for the ScopeAccessReviewScheduleDefinitionsClient.Stop +// method. +func (client *ScopeAccessReviewScheduleDefinitionsClient) Stop(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientStopOptions) (ScopeAccessReviewScheduleDefinitionsClientStopResponse, error) { + var err error + const operationName = "ScopeAccessReviewScheduleDefinitionsClient.Stop" + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, operationName) + ctx, endSpan := runtime.StartSpan(ctx, operationName, client.internal.Tracer(), nil) + defer func() { endSpan(err) }() + req, err := client.stopCreateRequest(ctx, scope, scheduleDefinitionID, options) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientStopResponse{}, err + } + httpResp, err := client.internal.Pipeline().Do(req) + if err != nil { + return ScopeAccessReviewScheduleDefinitionsClientStopResponse{}, err + } + if !runtime.HasStatusCode(httpResp, http.StatusNoContent) { + err = runtime.NewResponseError(httpResp) + return ScopeAccessReviewScheduleDefinitionsClientStopResponse{}, err + } + return ScopeAccessReviewScheduleDefinitionsClientStopResponse{}, nil +} + +// stopCreateRequest creates the Stop request. +func (client *ScopeAccessReviewScheduleDefinitionsClient) stopCreateRequest(ctx context.Context, scope string, scheduleDefinitionID string, options *ScopeAccessReviewScheduleDefinitionsClientStopOptions) (*policy.Request, error) { + urlPath := "/{scope}/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/stop" + if scope == "" { + return nil, errors.New("parameter scope cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scope}", url.PathEscape(scope)) + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + req, err := runtime.NewRequest(ctx, http.MethodPost, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/tenantlevelaccessreviewinstancecontactedreviewers_client.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/tenantlevelaccessreviewinstancecontactedreviewers_client.go new file mode 100644 index 00000000000..b195308752b --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/tenantlevelaccessreviewinstancecontactedreviewers_client.go @@ -0,0 +1,102 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "context" + "errors" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/arm" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/runtime" + "net/http" + "net/url" + "strings" +) + +// TenantLevelAccessReviewInstanceContactedReviewersClient contains the methods for the TenantLevelAccessReviewInstanceContactedReviewers group. +// Don't use this type directly, use NewTenantLevelAccessReviewInstanceContactedReviewersClient() instead. +type TenantLevelAccessReviewInstanceContactedReviewersClient struct { + internal *arm.Client +} + +// NewTenantLevelAccessReviewInstanceContactedReviewersClient creates a new instance of TenantLevelAccessReviewInstanceContactedReviewersClient with the specified values. +// - credential - used to authorize requests. Usually a credential from azidentity. +// - options - pass nil to accept the default values. +func NewTenantLevelAccessReviewInstanceContactedReviewersClient(credential azcore.TokenCredential, options *arm.ClientOptions) (*TenantLevelAccessReviewInstanceContactedReviewersClient, error) { + cl, err := arm.NewClient(moduleName, moduleVersion, credential, options) + if err != nil { + return nil, err + } + client := &TenantLevelAccessReviewInstanceContactedReviewersClient{ + internal: cl, + } + return client, nil +} + +// NewListPager - Get access review instance contacted reviewers +// +// Generated from API version 2021-12-01-preview +// - scheduleDefinitionID - The id of the access review schedule definition. +// - id - The id of the access review instance. +// - options - TenantLevelAccessReviewInstanceContactedReviewersClientListOptions contains the optional parameters for the TenantLevelAccessReviewInstanceContactedReviewersClient.NewListPager +// method. +func (client *TenantLevelAccessReviewInstanceContactedReviewersClient) NewListPager(scheduleDefinitionID string, id string, options *TenantLevelAccessReviewInstanceContactedReviewersClientListOptions) *runtime.Pager[TenantLevelAccessReviewInstanceContactedReviewersClientListResponse] { + return runtime.NewPager(runtime.PagingHandler[TenantLevelAccessReviewInstanceContactedReviewersClientListResponse]{ + More: func(page TenantLevelAccessReviewInstanceContactedReviewersClientListResponse) bool { + return page.NextLink != nil && len(*page.NextLink) > 0 + }, + Fetcher: func(ctx context.Context, page *TenantLevelAccessReviewInstanceContactedReviewersClientListResponse) (TenantLevelAccessReviewInstanceContactedReviewersClientListResponse, error) { + ctx = context.WithValue(ctx, runtime.CtxAPINameKey{}, "TenantLevelAccessReviewInstanceContactedReviewersClient.NewListPager") + nextLink := "" + if page != nil { + nextLink = *page.NextLink + } + resp, err := runtime.FetcherForNextLink(ctx, client.internal.Pipeline(), nextLink, func(ctx context.Context) (*policy.Request, error) { + return client.listCreateRequest(ctx, scheduleDefinitionID, id, options) + }, nil) + if err != nil { + return TenantLevelAccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return client.listHandleResponse(resp) + }, + Tracer: client.internal.Tracer(), + }) +} + +// listCreateRequest creates the List request. +func (client *TenantLevelAccessReviewInstanceContactedReviewersClient) listCreateRequest(ctx context.Context, scheduleDefinitionID string, id string, options *TenantLevelAccessReviewInstanceContactedReviewersClientListOptions) (*policy.Request, error) { + urlPath := "/providers/Microsoft.Authorization/accessReviewScheduleDefinitions/{scheduleDefinitionId}/instances/{id}/contactedReviewers" + if scheduleDefinitionID == "" { + return nil, errors.New("parameter scheduleDefinitionID cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{scheduleDefinitionId}", url.PathEscape(scheduleDefinitionID)) + if id == "" { + return nil, errors.New("parameter id cannot be empty") + } + urlPath = strings.ReplaceAll(urlPath, "{id}", url.PathEscape(id)) + req, err := runtime.NewRequest(ctx, http.MethodGet, runtime.JoinPaths(client.internal.Endpoint(), urlPath)) + if err != nil { + return nil, err + } + reqQP := req.Raw().URL.Query() + reqQP.Set("api-version", "2021-12-01-preview") + req.Raw().URL.RawQuery = reqQP.Encode() + req.Raw().Header["Accept"] = []string{"application/json"} + return req, nil +} + +// listHandleResponse handles the List response. +func (client *TenantLevelAccessReviewInstanceContactedReviewersClient) listHandleResponse(resp *http.Response) (TenantLevelAccessReviewInstanceContactedReviewersClientListResponse, error) { + result := TenantLevelAccessReviewInstanceContactedReviewersClientListResponse{} + if err := runtime.UnmarshalAsJSON(resp, &result.AccessReviewContactedReviewerListResult); err != nil { + return TenantLevelAccessReviewInstanceContactedReviewersClientListResponse{}, err + } + return result, nil +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/time_rfc3339.go b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/time_rfc3339.go new file mode 100644 index 00000000000..57651544a30 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3/time_rfc3339.go @@ -0,0 +1,86 @@ +//go:build go1.18 +// +build go1.18 + +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. See License.txt in the project root for license information. +// Code generated by Microsoft (R) AutoRest Code Generator. DO NOT EDIT. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +package armauthorization + +import ( + "encoding/json" + "fmt" + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "reflect" + "regexp" + "strings" + "time" +) + +// Azure reports time in UTC but it doesn't include the 'Z' time zone suffix in some cases. +var tzOffsetRegex = regexp.MustCompile(`(Z|z|\+|-)(\d+:\d+)*"*$`) + +const ( + utcDateTimeJSON = `"2006-01-02T15:04:05.999999999"` + utcDateTime = "2006-01-02T15:04:05.999999999" + dateTimeJSON = `"` + time.RFC3339Nano + `"` +) + +type dateTimeRFC3339 time.Time + +func (t dateTimeRFC3339) MarshalJSON() ([]byte, error) { + tt := time.Time(t) + return tt.MarshalJSON() +} + +func (t dateTimeRFC3339) MarshalText() ([]byte, error) { + tt := time.Time(t) + return tt.MarshalText() +} + +func (t *dateTimeRFC3339) UnmarshalJSON(data []byte) error { + layout := utcDateTimeJSON + if tzOffsetRegex.Match(data) { + layout = dateTimeJSON + } + return t.Parse(layout, string(data)) +} + +func (t *dateTimeRFC3339) UnmarshalText(data []byte) error { + layout := utcDateTime + if tzOffsetRegex.Match(data) { + layout = time.RFC3339Nano + } + return t.Parse(layout, string(data)) +} + +func (t *dateTimeRFC3339) Parse(layout, value string) error { + p, err := time.Parse(layout, strings.ToUpper(value)) + *t = dateTimeRFC3339(p) + return err +} + +func populateDateTimeRFC3339(m map[string]any, k string, t *time.Time) { + if t == nil { + return + } else if azcore.IsNullValue(t) { + m[k] = nil + return + } else if reflect.ValueOf(t).IsNil() { + return + } + m[k] = (*dateTimeRFC3339)(t) +} + +func unpopulateDateTimeRFC3339(data json.RawMessage, fn string, t **time.Time) error { + if data == nil || strings.EqualFold(string(data), "null") { + return nil + } + var aux dateTimeRFC3339 + if err := json.Unmarshal(data, &aux); err != nil { + return fmt.Errorf("struct field %s: %v", fn, err) + } + *t = (*time.Time)(&aux) + return nil +} diff --git a/vendor/modules.txt b/vendor/modules.txt index e19eda6a55a..5b949f25268 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -58,6 +58,9 @@ github.com/Azure/azure-sdk-for-go/sdk/internal/log github.com/Azure/azure-sdk-for-go/sdk/internal/poller github.com/Azure/azure-sdk-for-go/sdk/internal/temporal github.com/Azure/azure-sdk-for-go/sdk/internal/uuid +# github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3 v3.0.0-beta.2 +## explicit; go 1.18 +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v3 # github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/cosmos/armcosmos/v2 v2.5.0 ## explicit; go 1.18 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/cosmos/armcosmos/v2