@azure/arm-security 6.0.0-beta.3 → 6.0.0-beta.4

package/src/models/index.ts

@@ -54,13 +54,16 @@ export type CloudOfferingUnion =
   | DefenderCspmAwsOffering
   | DefenderCspmGcpOffering
   | DefenderForDevOpsGithubOffering
-  | DefenderForDevOpsAzureDevOpsOffering;
+  | DefenderForDevOpsAzureDevOpsOffering
+  | CspmMonitorGitLabOffering
+  | DefenderForDevOpsGitLabOffering;
 export type EnvironmentDataUnion =
   | EnvironmentData
   | AwsEnvironmentData
   | GcpProjectEnvironmentData
   | GithubScopeEnvironmentData
-  | AzureDevOpsScopeEnvironmentData;
+  | AzureDevOpsScopeEnvironmentData
+  | GitlabScopeEnvironmentData;
 export type AwsOrganizationalDataUnion =
   | AwsOrganizationalData
   | AwsOrganizationalDataMaster
@@ -263,6 +266,35 @@ export interface PricingList {
   value: Pricing[];
 }
 
+/** A plan's extension properties */
+export interface Extension {
+  /**
+   * The extension name. Supported values are: <br><br>**AgentlessDiscoveryForKubernetes** - API-based discovery of information about Kubernetes cluster architecture, workload objects, and setup. Required for Kubernetes inventory, identity and network exposure detection, attack path analysis and risk hunting as part of the cloud security explorer.
+   * Available for CloudPosture plan.<br><br>**OnUploadMalwareScanning** - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.
+   * Available for StorageAccounts plan.<br><br>**SensitiveDataDiscovery** - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.
+   * Available for StorageAccounts and CloudPosture plans.<br><br>**ContainerRegistriesVulnerabilityAssessments** - Provides vulnerability management for images stored in your container registries.
+   * Available for CloudPosture and Containers plans.
+   */
+  name: string;
+  /** Indicates whether the extension is enabled. */
+  isEnabled: IsEnabled;
+  /** Property values associated with the extension. */
+  additionalExtensionProperties?: { [propertyName: string]: any };
+  /**
+   * Optional. A status describing the success/failure of the extension's enablement/disablement operation.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly operationStatus?: OperationStatus;
+}
+
+/** A status describing the success/failure of the extension's enablement/disablement operation. */
+export interface OperationStatus {
+  /** The operation status code. */
+  code?: Code;
+  /** Additional information regarding the success/failure of the operation. */
+  message?: string;
+}
+
 /** List of device security groups */
 export interface DeviceSecurityGroupList {
   /** List of device security group objects */
@@ -1605,53 +1637,6 @@ export interface SoftwaresList {
   readonly nextLink?: string;
 }
 
-/** List of security connectors response. */
-export interface SecurityConnectorsList {
-  /** The list of security connectors under the given scope. */
-  value: SecurityConnector[];
-  /**
-   * The URI to fetch the next page.
-   * NOTE: This property will not be serialized. It can only be populated by the server.
-   */
-  readonly nextLink?: string;
-}
-
-/** The security offering details */
-export interface CloudOffering {
-  /** Polymorphic discriminator, which specifies the different types this object can be */
-  offeringType:
-    | "CspmMonitorAws"
-    | "DefenderForContainersAws"
-    | "DefenderForServersAws"
-    | "DefenderForDatabasesAws"
-    | "InformationProtectionAws"
-    | "CspmMonitorGcp"
-    | "DefenderForServersGcp"
-    | "DefenderForDatabasesGcp"
-    | "DefenderForContainersGcp"
-    | "CspmMonitorGithub"
-    | "CspmMonitorAzureDevOps"
-    | "DefenderCspmAws"
-    | "DefenderCspmGcp"
-    | "DefenderForDevOpsGithub"
-    | "DefenderForDevOpsAzureDevOps";
-  /**
-   * The offering description.
-   * NOTE: This property will not be serialized. It can only be populated by the server.
-   */
-  readonly description?: string;
-}
-
-/** The security connector environment data. */
-export interface EnvironmentData {
-  /** Polymorphic discriminator, which specifies the different types this object can be */
-  environmentType:
-    | "AwsAccount"
-    | "GcpProject"
-    | "GithubScope"
-    | "AzureDevOpsScope";
-}
-
 /** Page of a governance rules list */
 export interface GovernanceRuleList {
   /**
@@ -2117,6 +2102,78 @@ export interface RulesResultsInput {
   results?: { [propertyName: string]: string[][] };
 }
 
+/** List of security connectors response. */
+export interface SecurityConnectorsList {
+  /** The list of security connectors under the given scope. */
+  value: SecurityConnector[];
+  /**
+   * The URI to fetch the next page.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly nextLink?: string;
+}
+
+/** The security offering details */
+export interface CloudOffering {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  offeringType:
+    | "CspmMonitorAws"
+    | "DefenderForContainersAws"
+    | "DefenderForServersAws"
+    | "DefenderForDatabasesAws"
+    | "InformationProtectionAws"
+    | "CspmMonitorGcp"
+    | "DefenderForServersGcp"
+    | "DefenderForDatabasesGcp"
+    | "DefenderForContainersGcp"
+    | "CspmMonitorGithub"
+    | "CspmMonitorAzureDevOps"
+    | "DefenderCspmAws"
+    | "DefenderCspmGcp"
+    | "DefenderForDevOpsGithub"
+    | "DefenderForDevOpsAzureDevOps"
+    | "CspmMonitorGitLab"
+    | "DefenderForDevOpsGitLab";
+  /**
+   * The offering description.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly description?: string;
+}
+
+/** The security connector environment data. */
+export interface EnvironmentData {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  environmentType:
+    | "AwsAccount"
+    | "GcpProject"
+    | "GithubScope"
+    | "AzureDevOpsScope"
+    | "GitlabScope";
+}
+
+/** List of SecurityOperator response. */
+export interface SecurityOperatorList {
+  /** List of SecurityOperator configurations */
+  value: SecurityOperator[];
+}
+
+/** Identity for the resource. */
+export interface Identity {
+  /**
+   * The principal ID of resource identity.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly principalId?: string;
+  /**
+   * The tenant ID of resource.
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly tenantId?: string;
+  /** The identity type. */
+  type?: "SystemAssigned";
+}
+
 /** CVSS details */
 export interface Cvss {
   /**
@@ -2195,7 +2252,27 @@ export interface SecureScoreControlScore {
   readonly percentage?: number;
 }
 
-/** The awsOrganization data */
+/** Governance rule's condition */
+export interface Condition {
+  /** The governance rule Condition's Property, e.g. Severity or AssessmentKey, see examples */
+  property?: string;
+  /** The governance rule Condition's Value like severity Low, High or assessments keys, see examples */
+  value?: string;
+  /** The governance rule Condition's Operator, for example Equals for severity or In for list of assessments, see examples */
+  operator?: GovernanceRuleConditionOperator;
+}
+
+/** Application's condition */
+export interface ApplicationCondition {
+  /** The application Condition's Property, e.g. ID, see examples */
+  property?: string;
+  /** The application Condition's Value like IDs that contain some string, see examples */
+  value?: string;
+  /** The application Condition's Operator, for example Contains for id or In for list of possible IDs, see examples */
+  operator?: ApplicationConditionOperator;
+}
+
+/** The AWS organization data */
 export interface AwsOrganizationalData {
   /** Polymorphic discriminator, which specifies the different types this object can be */
   organizationMembershipType: "Organization" | "Member";
@@ -2218,6 +2295,11 @@ export interface GcpProjectDetails {
    * NOTE: This property will not be serialized. It can only be populated by the server.
    */
   readonly workloadIdentityPoolId?: string;
+  /**
+   * GCP project name
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly projectName?: string;
 }
 
 /** The native cloud connection configuration */
@@ -2274,6 +2356,16 @@ export interface DefenderForServersAwsOfferingArcAutoProvisioning {
   enabled?: boolean;
   /** The cloud role ARN in AWS for this feature */
   cloudRoleArn?: string;
+  /** Configuration for servers Arc auto provisioning */
+  configuration?: DefenderForServersAwsOfferingArcAutoProvisioningConfiguration;
+}
+
+/** Configuration for servers Arc auto provisioning */
+export interface DefenderForServersAwsOfferingArcAutoProvisioningConfiguration {
+  /** Optional HTTP proxy endpoint to use for the Arc agent */
+  proxy?: string;
+  /** Optional Arc private link scope resource id to link the Arc agent */
+  privateLinkScope?: string;
 }
 
 /** The Vulnerability Assessment autoprovisioning configuration */
@@ -2316,7 +2408,7 @@ export interface DefenderForServersAwsOfferingVmScanners {
 export interface DefenderForServersAwsOfferingVmScannersConfiguration {
   /** The cloud role ARN in AWS for this feature */
   cloudRoleArn?: string;
-  /** The scanning mode for the vm scan. */
+  /** The scanning mode for the VM scan. */
   scanningMode?: ScanningMode;
   /** VM tags that indicates that VM should not be scanned */
   exclusionTags?: { [propertyName: string]: string };
@@ -2328,6 +2420,16 @@ export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioning {
   enabled?: boolean;
   /** The cloud role ARN in AWS for this feature */
   cloudRoleArn?: string;
+  /** Configuration for servers Arc auto provisioning */
+  configuration?: DefenderFoDatabasesAwsOfferingArcAutoProvisioningConfiguration;
+}
+
+/** Configuration for servers Arc auto provisioning */
+export interface DefenderFoDatabasesAwsOfferingArcAutoProvisioningConfiguration {
+  /** Optional http proxy endpoint to use for the Arc agent */
+  proxy?: string;
+  /** Optional Arc private link scope resource id to link the Arc agent */
+  privateLinkScope?: string;
 }
 
 /** The RDS configuration */
@@ -2338,6 +2440,14 @@ export interface DefenderFoDatabasesAwsOfferingRds {
   cloudRoleArn?: string;
 }
 
+/** The databases data security posture management (DSPM) configuration */
+export interface DefenderFoDatabasesAwsOfferingDatabasesDspm {
+  /** Is databases data security posture management (DSPM) protection enabled */
+  enabled?: boolean;
+  /** The cloud role ARN in AWS for this feature */
+  cloudRoleArn?: string;
+}
+
 /** The native cloud connection configuration */
 export interface InformationProtectionAwsOfferingInformationProtection {
   /** The cloud role ARN in AWS for this feature */
@@ -2364,6 +2474,16 @@ export interface DefenderForServersGcpOfferingDefenderForServers {
 export interface DefenderForServersGcpOfferingArcAutoProvisioning {
   /** Is arc auto provisioning enabled */
   enabled?: boolean;
+  /** Configuration for servers Arc auto provisioning */
+  configuration?: DefenderForServersGcpOfferingArcAutoProvisioningConfiguration;
+}
+
+/** Configuration for servers Arc auto provisioning */
+export interface DefenderForServersGcpOfferingArcAutoProvisioningConfiguration {
+  /** Optional HTTP proxy endpoint to use for the Arc agent */
+  proxy?: string;
+  /** Optional Arc private link scope resource id to link the Arc agent */
+  privateLinkScope?: string;
 }
 
 /** The Vulnerability Assessment autoprovisioning configuration */
@@ -2394,10 +2514,36 @@ export interface DefenderForServersGcpOfferingSubPlan {
   type?: SubPlan;
 }
 
+/** The Microsoft Defender for Server VM scanning configuration */
+export interface DefenderForServersGcpOfferingVmScanners {
+  /** Is Microsoft Defender for Server VM scanning enabled */
+  enabled?: boolean;
+  /** configuration for Microsoft Defender for Server VM scanning */
+  configuration?: DefenderForServersGcpOfferingVmScannersConfiguration;
+}
+
+/** configuration for Microsoft Defender for Server VM scanning */
+export interface DefenderForServersGcpOfferingVmScannersConfiguration {
+  /** The scanning mode for the VM scan. */
+  scanningMode?: ScanningMode;
+  /** VM tags that indicate that VM should not be scanned */
+  exclusionTags?: { [propertyName: string]: string };
+}
+
 /** The ARC autoprovisioning configuration */
 export interface DefenderForDatabasesGcpOfferingArcAutoProvisioning {
   /** Is arc auto provisioning enabled */
   enabled?: boolean;
+  /** Configuration for servers Arc auto provisioning */
+  configuration?: DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration;
+}
+
+/** Configuration for servers Arc auto provisioning */
+export interface DefenderForDatabasesGcpOfferingArcAutoProvisioningConfiguration {
+  /** Optional http proxy endpoint to use for the Arc agent */
+  proxy?: string;
+  /** Optional Arc private link scope resource id to link the Arc agent */
+  privateLinkScope?: string;
 }
 
 /** The native cloud connection configuration */
@@ -2436,30 +2582,26 @@ export interface DefenderCspmAwsOfferingVmScanners {
 export interface DefenderCspmAwsOfferingVmScannersConfiguration {
   /** The cloud role ARN in AWS for this feature */
   cloudRoleArn?: string;
-  /** The scanning mode for the vm scan. */
+  /** The scanning mode for the VM scan. */
   scanningMode?: ScanningMode;
   /** VM tags that indicates that VM should not be scanned */
   exclusionTags?: { [propertyName: string]: string };
 }
 
-/** Governance rule's condition */
-export interface Condition {
-  /** The governance rule Condition's Property, e.g. Severity or AssessmentKey, see examples */
-  property?: string;
-  /** The governance rule Condition's Value like severity Low, High or assessments keys, see examples */
-  value?: string;
-  /** The governance rule Condition's Operator, for example Equals for severity or In for list of assessments, see examples */
-  operator?: GovernanceRuleConditionOperator;
+/** The Microsoft Defender Data Sensitivity discovery configuration */
+export interface DefenderCspmAwsOfferingDataSensitivityDiscovery {
+  /** Is Microsoft Defender Data Sensitivity discovery enabled */
+  enabled?: boolean;
+  /** The cloud role ARN in AWS for this feature */
+  cloudRoleArn?: string;
 }
 
-/** Application's condition */
-export interface ApplicationCondition {
-  /** The application Condition's Property, e.g. ID, see examples */
-  property?: string;
-  /** The application Condition's Value like IDs that contain some string, see examples */
-  value?: string;
-  /** The application Condition's Operator, for example Contains for id or In for list of possible IDs, see examples */
-  operator?: ApplicationConditionOperator;
+/** The databases DSPM configuration */
+export interface DefenderCspmAwsOfferingDatabasesDspm {
+  /** Is databases DSPM protection enabled */
+  enabled?: boolean;
+  /** The cloud role ARN in AWS for this feature */
+  cloudRoleArn?: string;
 }
 
 /** The resource of the configuration or data needed to onboard the machine to MDE */
@@ -2531,9 +2673,9 @@ export interface ComplianceResult extends Resource {
   readonly resourceStatus?: ResourceStatus;
 }
 
-/** Microsoft Defender for Cloud is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. */
+/** Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features. */
 export interface Pricing extends Resource {
-  /** The pricing tier value. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features. */
+  /** The pricing tier value. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features. */
   pricingTier?: PricingTier;
   /** The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. */
   subPlan?: string;
@@ -2542,6 +2684,11 @@ export interface Pricing extends Resource {
    * NOTE: This property will not be serialized. It can only be populated by the server.
    */
   readonly freeTrialRemainingTime?: string;
+  /**
+   * Optional. If `pricingTier` is `Standard` then this property holds the date of the last time the `pricingTier` was set to `Standard`, when available (e.g 2023-03-01T12:42:42.1921106Z).
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly enablementTime?: Date;
   /**
    * Optional. True if the plan is deprecated. If there are replacing plans they will appear in `replacedBy` property
    * NOTE: This property will not be serialized. It can only be populated by the server.
@@ -2552,6 +2699,8 @@ export interface Pricing extends Resource {
    * NOTE: This property will not be serialized. It can only be populated by the server.
    */
   readonly replacedBy?: string[];
+  /** Optional. List of extensions offered under a plan. */
+  extensions?: Extension[];
 }
 
 /** The Advanced Threat Protection resource. */
@@ -3615,6 +3764,12 @@ export interface RuleResults extends Resource {
   properties?: RuleResultsProperties;
 }
 
+/** Security operator under a given subscription and pricing */
+export interface SecurityOperator extends Resource {
+  /** Identity for the resource. */
+  identity?: Identity;
+}
+
 /** Security assessment metadata */
 export interface SecurityAssessmentMetadata extends Resource {
   /** User friendly display name of the assessment */
@@ -4057,6 +4212,8 @@ export interface DefenderFoDatabasesAwsOffering extends CloudOffering {
   arcAutoProvisioning?: DefenderFoDatabasesAwsOfferingArcAutoProvisioning;
   /** The RDS configuration */
   rds?: DefenderFoDatabasesAwsOfferingRds;
+  /** The databases data security posture management (DSPM) configuration */
+  databasesDspm?: DefenderFoDatabasesAwsOfferingDatabasesDspm;
 }
 
 /** The information protection for AWS offering */
@@ -4089,6 +4246,8 @@ export interface DefenderForServersGcpOffering extends CloudOffering {
   mdeAutoProvisioning?: DefenderForServersGcpOfferingMdeAutoProvisioning;
   /** configuration for the servers offering subPlan */
   subPlan?: DefenderForServersGcpOfferingSubPlan;
+  /** The Microsoft Defender for Server VM scanning configuration */
+  vmScanners?: DefenderForServersGcpOfferingVmScanners;
 }
 
 /** The Defender for Databases GCP offering configurations */
@@ -4129,12 +4288,16 @@ export interface CspmMonitorAzureDevOpsOffering extends CloudOffering {
   offeringType: "CspmMonitorAzureDevOps";
 }
 
-/** The CSPM P1 for Aws offering */
+/** The CSPM P1 for AWS offering */
 export interface DefenderCspmAwsOffering extends CloudOffering {
   /** Polymorphic discriminator, which specifies the different types this object can be */
   offeringType: "DefenderCspmAws";
   /** The Microsoft Defender for Server VM scanning configuration */
   vmScanners?: DefenderCspmAwsOfferingVmScanners;
+  /** The Microsoft Defender Data Sensitivity discovery configuration */
+  dataSensitivityDiscovery?: DefenderCspmAwsOfferingDataSensitivityDiscovery;
+  /** The databases DSPM configuration */
+  databasesDspm?: DefenderCspmAwsOfferingDatabasesDspm;
 }
 
 /** The CSPM P1 for GCP offering */
@@ -4155,12 +4318,31 @@ export interface DefenderForDevOpsAzureDevOpsOffering extends CloudOffering {
   offeringType: "DefenderForDevOpsAzureDevOps";
 }
 
-/** The aws connector environment data */
+/** The CSPM (Cloud security posture management) monitoring for gitlab offering */
+export interface CspmMonitorGitLabOffering extends CloudOffering {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  offeringType: "CspmMonitorGitLab";
+}
+
+/** The Defender for DevOps for Gitlab offering */
+export interface DefenderForDevOpsGitLabOffering extends CloudOffering {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  offeringType: "DefenderForDevOpsGitLab";
+}
+
+/** The AWS connector environment data */
 export interface AwsEnvironmentData extends EnvironmentData {
   /** Polymorphic discriminator, which specifies the different types this object can be */
   environmentType: "AwsAccount";
   /** The AWS account's organizational data */
   organizationalData?: AwsOrganizationalDataUnion;
+  /** list of regions to scan */
+  regions?: string[];
+  /**
+   * The AWS account name
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly accountName?: string;
 }
 
 /** The GCP project connector environment data */
@@ -4185,6 +4367,12 @@ export interface AzureDevOpsScopeEnvironmentData extends EnvironmentData {
   environmentType: "AzureDevOpsScope";
 }
 
+/** The GitLab scope connector's environment data */
+export interface GitlabScopeEnvironmentData extends EnvironmentData {
+  /** Polymorphic discriminator, which specifies the different types this object can be */
+  environmentType: "GitlabScope";
+}
+
 /** The external security solution properties for CEF solutions */
 export interface CefSolutionProperties
   extends ExternalSecuritySolutionProperties {
@@ -4204,7 +4392,7 @@ export interface AadSolutionProperties
   extends ExternalSecuritySolutionProperties,
     AadConnectivityStateAutoGenerated {}
 
-/** The awsOrganization data for the master account */
+/** The AWS organization data for the master account */
 export interface AwsOrganizationalDataMaster extends AwsOrganizationalData {
   /** Polymorphic discriminator, which specifies the different types this object can be */
   organizationMembershipType: "Organization";
@@ -4214,7 +4402,7 @@ export interface AwsOrganizationalDataMaster extends AwsOrganizationalData {
   excludedAccountIds?: string[];
 }
 
-/** The awsOrganization data for the member account */
+/** The AWS organization data for the member account */
 export interface AwsOrganizationalDataMember extends AwsOrganizationalData {
   /** Polymorphic discriminator, which specifies the different types this object can be */
   organizationMembershipType: "Member";
@@ -4233,6 +4421,11 @@ export interface GcpOrganizationalDataOrganization
   serviceAccountEmailAddress?: string;
   /** The GCP workload identity provider id which represents the permissions required to auto provision security connectors */
   workloadIdentityProviderId?: string;
+  /**
+   * GCP organization name
+   * NOTE: This property will not be serialized. It can only be populated by the server.
+   */
+  readonly organizationName?: string;
 }
 
 /** The gcpOrganization data for the member account */
@@ -4630,6 +4823,42 @@ export enum KnownPricingTier {
  */
 export type PricingTier = string;
 
+/** Known values of {@link IsEnabled} that the service accepts. */
+export enum KnownIsEnabled {
+  /** Indicates the extension is enabled */
+  True = "True",
+  /** Indicates the extension is disabled */
+  False = "False"
+}
+
+/**
+ * Defines values for IsEnabled. \
+ * {@link KnownIsEnabled} can be used interchangeably with IsEnabled,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **True**: Indicates the extension is enabled \
+ * **False**: Indicates the extension is disabled
+ */
+export type IsEnabled = string;
+
+/** Known values of {@link Code} that the service accepts. */
+export enum KnownCode {
+  /** Extension was created\/updated successfully. */
+  Succeeded = "Succeeded",
+  /** Extension was not created\/updated successfully. See operation status message for more details. */
+  Failed = "Failed"
+}
+
+/**
+ * Defines values for Code. \
+ * {@link KnownCode} can be used interchangeably with Code,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Succeeded**: Extension was created\/updated successfully. \
+ * **Failed**: Extension was not created\/updated successfully. See operation status message for more details.
+ */
+export type Code = string;
+
 /** Known values of {@link ValueType} that the service accepts. */
 export enum KnownValueType {
   /** An IP range in CIDR format (e.g. '192.168.0.1\/8'). */
@@ -6487,131 +6716,23 @@ export enum KnownEndOfSupportStatus {
  */
 export type EndOfSupportStatus = string;
 
-/** Known values of {@link CloudName} that the service accepts. */
-export enum KnownCloudName {
-  /** Azure */
-  Azure = "Azure",
-  /** AWS */
-  AWS = "AWS",
-  /** GCP */
-  GCP = "GCP",
-  /** Github */
-  Github = "Github",
-  /** AzureDevOps */
-  AzureDevOps = "AzureDevOps"
+/** Known values of {@link GovernanceRuleType} that the service accepts. */
+export enum KnownGovernanceRuleType {
+  /** The source of the rule type definition is integrated */
+  Integrated = "Integrated",
+  /** The source of the rule type definition is ServiceNow */
+  ServiceNow = "ServiceNow"
 }
 
 /**
- * Defines values for CloudName. \
- * {@link KnownCloudName} can be used interchangeably with CloudName,
+ * Defines values for GovernanceRuleType. \
+ * {@link KnownGovernanceRuleType} can be used interchangeably with GovernanceRuleType,
  *  this enum contains the known values that the service supports.
  * ### Known values supported by the service
- * **Azure** \
- * **AWS** \
- * **GCP** \
- * **Github** \
- * **AzureDevOps**
+ * **Integrated**: The source of the rule type definition is integrated \
+ * **ServiceNow**: The source of the rule type definition is ServiceNow
  */
-export type CloudName = string;
-
-/** Known values of {@link OfferingType} that the service accepts. */
-export enum KnownOfferingType {
-  /** CspmMonitorAws */
-  CspmMonitorAws = "CspmMonitorAws",
-  /** DefenderForContainersAws */
-  DefenderForContainersAws = "DefenderForContainersAws",
-  /** DefenderForServersAws */
-  DefenderForServersAws = "DefenderForServersAws",
-  /** DefenderForDatabasesAws */
-  DefenderForDatabasesAws = "DefenderForDatabasesAws",
-  /** InformationProtectionAws */
-  InformationProtectionAws = "InformationProtectionAws",
-  /** CspmMonitorGcp */
-  CspmMonitorGcp = "CspmMonitorGcp",
-  /** CspmMonitorGithub */
-  CspmMonitorGithub = "CspmMonitorGithub",
-  /** CspmMonitorAzureDevOps */
-  CspmMonitorAzureDevOps = "CspmMonitorAzureDevOps",
-  /** DefenderForServersGcp */
-  DefenderForServersGcp = "DefenderForServersGcp",
-  /** DefenderForContainersGcp */
-  DefenderForContainersGcp = "DefenderForContainersGcp",
-  /** DefenderForDatabasesGcp */
-  DefenderForDatabasesGcp = "DefenderForDatabasesGcp",
-  /** DefenderCspmAws */
-  DefenderCspmAws = "DefenderCspmAws",
-  /** DefenderCspmGcp */
-  DefenderCspmGcp = "DefenderCspmGcp",
-  /** DefenderForDevOpsGithub */
-  DefenderForDevOpsGithub = "DefenderForDevOpsGithub",
-  /** DefenderForDevOpsAzureDevOps */
-  DefenderForDevOpsAzureDevOps = "DefenderForDevOpsAzureDevOps"
-}
-
-/**
- * Defines values for OfferingType. \
- * {@link KnownOfferingType} can be used interchangeably with OfferingType,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **CspmMonitorAws** \
- * **DefenderForContainersAws** \
- * **DefenderForServersAws** \
- * **DefenderForDatabasesAws** \
- * **InformationProtectionAws** \
- * **CspmMonitorGcp** \
- * **CspmMonitorGithub** \
- * **CspmMonitorAzureDevOps** \
- * **DefenderForServersGcp** \
- * **DefenderForContainersGcp** \
- * **DefenderForDatabasesGcp** \
- * **DefenderCspmAws** \
- * **DefenderCspmGcp** \
- * **DefenderForDevOpsGithub** \
- * **DefenderForDevOpsAzureDevOps**
- */
-export type OfferingType = string;
-
-/** Known values of {@link EnvironmentType} that the service accepts. */
-export enum KnownEnvironmentType {
-  /** AwsAccount */
-  AwsAccount = "AwsAccount",
-  /** GcpProject */
-  GcpProject = "GcpProject",
-  /** GithubScope */
-  GithubScope = "GithubScope",
-  /** AzureDevOpsScope */
-  AzureDevOpsScope = "AzureDevOpsScope"
-}
-
-/**
- * Defines values for EnvironmentType. \
- * {@link KnownEnvironmentType} can be used interchangeably with EnvironmentType,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **AwsAccount** \
- * **GcpProject** \
- * **GithubScope** \
- * **AzureDevOpsScope**
- */
-export type EnvironmentType = string;
-
-/** Known values of {@link GovernanceRuleType} that the service accepts. */
-export enum KnownGovernanceRuleType {
-  /** The source of the rule type definition is integrated */
-  Integrated = "Integrated",
-  /** The source of the rule type definition is ServiceNow */
-  ServiceNow = "ServiceNow"
-}
-
-/**
- * Defines values for GovernanceRuleType. \
- * {@link KnownGovernanceRuleType} can be used interchangeably with GovernanceRuleType,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **Integrated**: The source of the rule type definition is integrated \
- * **ServiceNow**: The source of the rule type definition is ServiceNow
- */
-export type GovernanceRuleType = string;
+export type GovernanceRuleType = string;
 
 /** Known values of {@link GovernanceRuleSourceResourceType} that the service accepts. */
 export enum KnownGovernanceRuleSourceResourceType {
@@ -6841,6 +6962,126 @@ export enum KnownRuleType {
  */
 export type RuleType = string;
 
+/** Known values of {@link CloudName} that the service accepts. */
+export enum KnownCloudName {
+  /** Azure */
+  Azure = "Azure",
+  /** AWS */
+  AWS = "AWS",
+  /** GCP */
+  GCP = "GCP",
+  /** Github */
+  Github = "Github",
+  /** AzureDevOps */
+  AzureDevOps = "AzureDevOps",
+  /** GitLab */
+  GitLab = "GitLab"
+}
+
+/**
+ * Defines values for CloudName. \
+ * {@link KnownCloudName} can be used interchangeably with CloudName,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Azure** \
+ * **AWS** \
+ * **GCP** \
+ * **Github** \
+ * **AzureDevOps** \
+ * **GitLab**
+ */
+export type CloudName = string;
+
+/** Known values of {@link OfferingType} that the service accepts. */
+export enum KnownOfferingType {
+  /** CspmMonitorAws */
+  CspmMonitorAws = "CspmMonitorAws",
+  /** DefenderForContainersAws */
+  DefenderForContainersAws = "DefenderForContainersAws",
+  /** DefenderForServersAws */
+  DefenderForServersAws = "DefenderForServersAws",
+  /** DefenderForDatabasesAws */
+  DefenderForDatabasesAws = "DefenderForDatabasesAws",
+  /** InformationProtectionAws */
+  InformationProtectionAws = "InformationProtectionAws",
+  /** CspmMonitorGcp */
+  CspmMonitorGcp = "CspmMonitorGcp",
+  /** CspmMonitorGithub */
+  CspmMonitorGithub = "CspmMonitorGithub",
+  /** CspmMonitorAzureDevOps */
+  CspmMonitorAzureDevOps = "CspmMonitorAzureDevOps",
+  /** DefenderForServersGcp */
+  DefenderForServersGcp = "DefenderForServersGcp",
+  /** DefenderForContainersGcp */
+  DefenderForContainersGcp = "DefenderForContainersGcp",
+  /** DefenderForDatabasesGcp */
+  DefenderForDatabasesGcp = "DefenderForDatabasesGcp",
+  /** DefenderCspmAws */
+  DefenderCspmAws = "DefenderCspmAws",
+  /** DefenderCspmGcp */
+  DefenderCspmGcp = "DefenderCspmGcp",
+  /** DefenderForDevOpsGithub */
+  DefenderForDevOpsGithub = "DefenderForDevOpsGithub",
+  /** DefenderForDevOpsAzureDevOps */
+  DefenderForDevOpsAzureDevOps = "DefenderForDevOpsAzureDevOps",
+  /** CspmMonitorGitLab */
+  CspmMonitorGitLab = "CspmMonitorGitLab",
+  /** DefenderForDevOpsGitLab */
+  DefenderForDevOpsGitLab = "DefenderForDevOpsGitLab"
+}
+
+/**
+ * Defines values for OfferingType. \
+ * {@link KnownOfferingType} can be used interchangeably with OfferingType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **CspmMonitorAws** \
+ * **DefenderForContainersAws** \
+ * **DefenderForServersAws** \
+ * **DefenderForDatabasesAws** \
+ * **InformationProtectionAws** \
+ * **CspmMonitorGcp** \
+ * **CspmMonitorGithub** \
+ * **CspmMonitorAzureDevOps** \
+ * **DefenderForServersGcp** \
+ * **DefenderForContainersGcp** \
+ * **DefenderForDatabasesGcp** \
+ * **DefenderCspmAws** \
+ * **DefenderCspmGcp** \
+ * **DefenderForDevOpsGithub** \
+ * **DefenderForDevOpsAzureDevOps** \
+ * **CspmMonitorGitLab** \
+ * **DefenderForDevOpsGitLab**
+ */
+export type OfferingType = string;
+
+/** Known values of {@link EnvironmentType} that the service accepts. */
+export enum KnownEnvironmentType {
+  /** AwsAccount */
+  AwsAccount = "AwsAccount",
+  /** GcpProject */
+  GcpProject = "GcpProject",
+  /** GithubScope */
+  GithubScope = "GithubScope",
+  /** AzureDevOpsScope */
+  AzureDevOpsScope = "AzureDevOpsScope",
+  /** GitlabScope */
+  GitlabScope = "GitlabScope"
+}
+
+/**
+ * Defines values for EnvironmentType. \
+ * {@link KnownEnvironmentType} can be used interchangeably with EnvironmentType,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **AwsAccount** \
+ * **GcpProject** \
+ * **GithubScope** \
+ * **AzureDevOpsScope** \
+ * **GitlabScope**
+ */
+export type EnvironmentType = string;
+
 /** Known values of {@link AadConnectivityState} that the service accepts. */
 export enum KnownAadConnectivityState {
   /** Discovered */
@@ -6901,6 +7142,45 @@ export enum KnownBundleType {
  */
 export type BundleType = string;
 
+/** Known values of {@link GovernanceRuleConditionOperator} that the service accepts. */
+export enum KnownGovernanceRuleConditionOperator {
+  /** Checks that the string value of the data defined in Property equals the given value - exact fit */
+  Equals = "Equals",
+  /** Checks that the string value of the data defined in Property equals any of the given values (exact fit) */
+  In = "In"
+}
+
+/**
+ * Defines values for GovernanceRuleConditionOperator. \
+ * {@link KnownGovernanceRuleConditionOperator} can be used interchangeably with GovernanceRuleConditionOperator,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Equals**: Checks that the string value of the data defined in Property equals the given value - exact fit \
+ * **In**: Checks that the string value of the data defined in Property equals any of the given values (exact fit)
+ */
+export type GovernanceRuleConditionOperator = string;
+
+/** Known values of {@link ApplicationConditionOperator} that the service accepts. */
+export enum KnownApplicationConditionOperator {
+  /** Checks that the string value of the data defined in Property contains the given value */
+  Contains = "Contains",
+  /** Checks that the string value of the data defined in Property equals the given value */
+  Equals = "Equals",
+  /** Checks that the string value of the data defined in Property equals any of the given values (exact fit) */
+  In = "In"
+}
+
+/**
+ * Defines values for ApplicationConditionOperator. \
+ * {@link KnownApplicationConditionOperator} can be used interchangeably with ApplicationConditionOperator,
+ *  this enum contains the known values that the service supports.
+ * ### Known values supported by the service
+ * **Contains**: Checks that the string value of the data defined in Property contains the given value \
+ * **Equals**: Checks that the string value of the data defined in Property equals the given value \
+ * **In**: Checks that the string value of the data defined in Property equals any of the given values (exact fit)
+ */
+export type ApplicationConditionOperator = string;
+
 /** Known values of {@link OrganizationMembershipType} that the service accepts. */
 export enum KnownOrganizationMembershipType {
   /** Member */
@@ -6969,45 +7249,6 @@ export enum KnownScanningMode {
  * **Default**
  */
 export type ScanningMode = string;
-
-/** Known values of {@link GovernanceRuleConditionOperator} that the service accepts. */
-export enum KnownGovernanceRuleConditionOperator {
-  /** Checks that the string value of the data defined in Property equals the given value - exact fit */
-  Equals = "Equals",
-  /** Checks that the string value of the data defined in Property equals any of the given values (exact fit) */
-  In = "In"
-}
-
-/**
- * Defines values for GovernanceRuleConditionOperator. \
- * {@link KnownGovernanceRuleConditionOperator} can be used interchangeably with GovernanceRuleConditionOperator,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **Equals**: Checks that the string value of the data defined in Property equals the given value - exact fit \
- * **In**: Checks that the string value of the data defined in Property equals any of the given values (exact fit)
- */
-export type GovernanceRuleConditionOperator = string;
-
-/** Known values of {@link ApplicationConditionOperator} that the service accepts. */
-export enum KnownApplicationConditionOperator {
-  /** Checks that the string value of the data defined in Property contains the given value */
-  Contains = "Contains",
-  /** Checks that the string value of the data defined in Property equals the given value */
-  Equals = "Equals",
-  /** Checks that the string value of the data defined in Property equals any of the given values (exact fit) */
-  In = "In"
-}
-
-/**
- * Defines values for ApplicationConditionOperator. \
- * {@link KnownApplicationConditionOperator} can be used interchangeably with ApplicationConditionOperator,
- *  this enum contains the known values that the service supports.
- * ### Known values supported by the service
- * **Contains**: Checks that the string value of the data defined in Property contains the given value \
- * **Equals**: Checks that the string value of the data defined in Property equals the given value \
- * **In**: Checks that the string value of the data defined in Property equals any of the given values (exact fit)
- */
-export type ApplicationConditionOperator = string;
 /** Defines values for Rank. */
 export type Rank = "None" | "Low" | "Medium" | "High" | "Critical";
 /** Defines values for RuleState. */
@@ -8550,59 +8791,6 @@ export interface SoftwareInventoriesListBySubscriptionNextOptionalParams
 /** Contains response data for the listBySubscriptionNext operation. */
 export type SoftwareInventoriesListBySubscriptionNextResponse = SoftwaresList;
 
-/** Optional parameters. */
-export interface SecurityConnectorsListOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the list operation. */
-export type SecurityConnectorsListResponse = SecurityConnectorsList;
-
-/** Optional parameters. */
-export interface SecurityConnectorsListByResourceGroupOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the listByResourceGroup operation. */
-export type SecurityConnectorsListByResourceGroupResponse = SecurityConnectorsList;
-
-/** Optional parameters. */
-export interface SecurityConnectorsGetOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the get operation. */
-export type SecurityConnectorsGetResponse = SecurityConnector;
-
-/** Optional parameters. */
-export interface SecurityConnectorsCreateOrUpdateOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the createOrUpdate operation. */
-export type SecurityConnectorsCreateOrUpdateResponse = SecurityConnector;
-
-/** Optional parameters. */
-export interface SecurityConnectorsUpdateOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the update operation. */
-export type SecurityConnectorsUpdateResponse = SecurityConnector;
-
-/** Optional parameters. */
-export interface SecurityConnectorsDeleteOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Optional parameters. */
-export interface SecurityConnectorsListNextOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the listNext operation. */
-export type SecurityConnectorsListNextResponse = SecurityConnectorsList;
-
-/** Optional parameters. */
-export interface SecurityConnectorsListByResourceGroupNextOptionalParams
-  extends coreClient.OperationOptions {}
-
-/** Contains response data for the listByResourceGroupNext operation. */
-export type SecurityConnectorsListByResourceGroupNextResponse = SecurityConnectorsList;
-
 /** Optional parameters. */
 export interface GovernanceRulesListOptionalParams
   extends coreClient.OperationOptions {}
@@ -8876,6 +9064,84 @@ export interface SqlVulnerabilityAssessmentBaselineRulesAddOptionalParams
 /** Contains response data for the add operation. */
 export type SqlVulnerabilityAssessmentBaselineRulesAddResponse = RulesResults;
 
+/** Optional parameters. */
+export interface SecurityConnectorsListOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the list operation. */
+export type SecurityConnectorsListResponse = SecurityConnectorsList;
+
+/** Optional parameters. */
+export interface SecurityConnectorsListByResourceGroupOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the listByResourceGroup operation. */
+export type SecurityConnectorsListByResourceGroupResponse = SecurityConnectorsList;
+
+/** Optional parameters. */
+export interface SecurityConnectorsGetOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the get operation. */
+export type SecurityConnectorsGetResponse = SecurityConnector;
+
+/** Optional parameters. */
+export interface SecurityConnectorsCreateOrUpdateOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the createOrUpdate operation. */
+export type SecurityConnectorsCreateOrUpdateResponse = SecurityConnector;
+
+/** Optional parameters. */
+export interface SecurityConnectorsUpdateOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the update operation. */
+export type SecurityConnectorsUpdateResponse = SecurityConnector;
+
+/** Optional parameters. */
+export interface SecurityConnectorsDeleteOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Optional parameters. */
+export interface SecurityConnectorsListNextOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the listNext operation. */
+export type SecurityConnectorsListNextResponse = SecurityConnectorsList;
+
+/** Optional parameters. */
+export interface SecurityConnectorsListByResourceGroupNextOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the listByResourceGroupNext operation. */
+export type SecurityConnectorsListByResourceGroupNextResponse = SecurityConnectorsList;
+
+/** Optional parameters. */
+export interface SecurityOperatorsListOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the list operation. */
+export type SecurityOperatorsListResponse = SecurityOperatorList;
+
+/** Optional parameters. */
+export interface SecurityOperatorsGetOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the get operation. */
+export type SecurityOperatorsGetResponse = SecurityOperator;
+
+/** Optional parameters. */
+export interface SecurityOperatorsCreateOrUpdateOptionalParams
+  extends coreClient.OperationOptions {}
+
+/** Contains response data for the createOrUpdate operation. */
+export type SecurityOperatorsCreateOrUpdateResponse = SecurityOperator;
+
+/** Optional parameters. */
+export interface SecurityOperatorsDeleteOptionalParams
+  extends coreClient.OperationOptions {}
+
 /** Optional parameters. */
 export interface SecurityCenterOptionalParams
   extends coreClient.ServiceClientOptions {