From 95e84762f45b99206005ffe8656b6e11ae8bdf8d Mon Sep 17 00:00:00 2001 From: Microsoft Graph DevX Tooling Date: Tue, 22 Jul 2025 10:11:46 +0000 Subject: [PATCH] Update generated files with build 193736 --- microsoft-graph.d.ts | 1955 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 1854 insertions(+), 101 deletions(-) diff --git a/microsoft-graph.d.ts b/microsoft-graph.d.ts index 91485ca..f5ac464 100644 --- a/microsoft-graph.d.ts +++ b/microsoft-graph.d.ts @@ -89,6 +89,7 @@ export type ActivityDomain = "unknown" | "work" | "personal" | "unrestricted"; export type ActivityType = "signin" | "user" | "unknownFutureValue" | "servicePrincipal"; export type AdvancedConfigState = "default" | "enabled" | "disabled" | "unknownFutureValue"; export type AgreementAcceptanceState = "accepted" | "declined" | "unknownFutureValue"; +export type AiInteractionType = "userPrompt" | "aiResponse" | "unknownFutureValue"; export type AlertFeedback = "unknown" | "truePositive" | "falsePositive" | "benignPositive" | "unknownFutureValue"; export type AlertSeverity = "unknown" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; export type AlertStatus = "unknown" | "newAlert" | "inProgress" | "resolved" | "dismissed" | "unknownFutureValue"; @@ -216,6 +217,8 @@ export type AttributeFlowBehavior = "FlowWhenChanged" | "FlowAlways"; export type AttributeFlowType = "Always" | "ObjectAddOnly" | "MultiValueAddOnly" | "ValueAddOnly" | "AttributeAddOnly"; export type AttributeMappingSourceType = "Attribute" | "Constant" | "Function"; export type AttributeType = "String" | "Integer" | "Reference" | "Binary" | "Boolean" | "DateTime"; +export type AuditLogRecordType = undefined; +export type AuditLogUserType = undefined; export type AuthenticationAttributeCollectionInputType = | "text" | "radioSingleSelect" @@ -403,6 +406,7 @@ export type CalendarSharingAction = "accept" | "acceptAndViewCalendar" | "viewCa export type CalendarSharingActionImportance = "primary" | "secondary"; export type CalendarSharingActionType = "accept"; export type CallDirection = "incoming" | "outgoing"; +export type CallEventType = "callStarted" | "callEnded" | "unknownFutureValue" | "rosterUpdated"; export type CallRecordingStatus = "success" | "failure" | "initial" | "chunkFinished" | "unknownFutureValue"; export type CallState = | "incoming" @@ -443,6 +447,7 @@ export type CategoryColor = | "preset22" | "preset23" | "preset24"; +export type CertificateAuthorityType = "root" | "intermediate" | "unknownFutureValue"; export type CertificateStatus = "notProvisioned" | "provisioned"; export type ChangeType = "created" | "updated" | "deleted"; export type ChannelMembershipType = "standard" | "private" | "unknownFutureValue" | "shared"; @@ -696,6 +701,7 @@ export type ContactRelationship = | "child" | "other" | "unknownFutureValue"; +export type ContentProcessingErrorType = "transient" | "permanent" | "unknownFutureValue"; export type CountryLookupMethodType = "clientIpAddress" | "authenticatorAppGps" | "unknownFutureValue"; export type CourseStatus = "notStarted" | "inProgress" | "completed" | "unknownFutureValue"; export type CrossTenantAccessPolicyTargetConfigurationAccessType = "allowed" | "blocked" | "unknownFutureValue"; @@ -915,6 +921,19 @@ export type DirectoryDefinitionDiscoverabilities = | "UnknownFutureValue"; export type DisableReason = "none" | "invalidBillingProfile" | "userRequested" | "unknownFutureValue"; export type DiskType = "unknown" | "hdd" | "ssd" | "unknownFutureValue"; +export type DlpAction = + | "notifyUser" + | "blockAccess" + | "deviceRestriction" + | "browserRestriction" + | "unknownFutureValue" + | "restrictAccess" + | "generateAlert" + | "generateIncidentReportAction" + | "sPBlockAnonymousAccess" + | "sPRuntimeAccessControl" + | "sPSharingNotifyUser" + | "sPSharingGenerateIncidentReport"; export type DriveItemSourceApplication = | "teams" | "yammer" @@ -1012,6 +1031,7 @@ export type EntrySyncOperation = "None" | "Add" | "Delete" | "Update"; export type EscrowBehavior = "Default" | "IgnoreLookupReferenceResolutionFailure"; export type EventType = "singleInstance" | "occurrence" | "exception" | "seriesMaster"; export type ExchangeIdFormat = "entryId" | "ewsId" | "immutableEntryId" | "restId" | "restImmutableEntryId"; +export type ExecutionMode = "evaluateInline" | "evaluateOffline" | "unknownFutureValue"; export type ExpirationPatternType = "notSpecified" | "noExpiration" | "afterDateTime" | "afterDuration"; export type ExternalAudienceScope = "none" | "contactsOnly" | "all"; export type ExternalEmailOtpState = "default" | "enabled" | "disabled" | "unknownFutureValue"; @@ -1107,6 +1127,7 @@ export type IosUpdatesInstallStatus = | "available" | "idle" | "unknown"; +export type LabelActionSource = "manual" | "automatic" | "recommended" | "none" | "unknownFutureValue"; export type LayoutTemplateType = "default" | "verticalSplit" | "unknownFutureValue"; export type Level = "beginner" | "intermediate" | "advanced" | "unknownFutureValue"; export type LifecycleEventType = "missed" | "subscriptionRemoved" | "reauthorizationRequired"; @@ -1498,6 +1519,7 @@ export type PhoneType = export type PhysicalAddressType = "unknown" | "home" | "business" | "other"; export type PlannerContainerType = "group" | "unknownFutureValue" | "roster"; export type PlannerPreviewType = "automatic" | "noPreview" | "checklist" | "description" | "reference"; +export type PolicyPivotProperty = "none" | "activity" | "location" | "unknownFutureValue"; export type PolicyPlatformType = | "android" | "androidForWork" @@ -2460,6 +2482,7 @@ export type PromptLoginBehavior = | "unknownFutureValue"; export type ProtectionPolicyStatus = "inactive" | "activeWithErrors" | "updating" | "active" | "unknownFutureValue"; export type ProtectionRuleStatus = "draft" | "active" | "completed" | "completedWithErrors" | "unknownFutureValue"; +export type ProtectionScopeState = "notModified" | "modified" | "unknownFutureValue"; export type ProtectionUnitsBulkJobStatus = | "unknown" | "active" @@ -2689,6 +2712,7 @@ export type RestoreSessionStatus = | "completed" | "unknownFutureValue" | "failed"; +export type RestrictionAction = "warn" | "audit" | "block"; export type RiskDetail = | "none" | "adminGeneratedTemporaryPassword" @@ -3165,7 +3189,37 @@ export type UnifiedRoleScheduleRequestActions = | "selfExtend" | "selfRenew" | "unknownFutureValue"; +export type UsageRights = + | "unknown" + | "docEdit" + | "edit" + | "comment" + | "export" + | "forward" + | "owner" + | "print" + | "reply" + | "replyAll" + | "view" + | "extract" + | "viewRightsData" + | "editRightsData" + | "objModel" + | "accessDenied" + | "userDefinedProtectionTypeNotSupportedException" + | "encryptedProtectionTypeNotSupportedException" + | "purviewClaimsChallengeNotSupportedException" + | "exception" + | "unknownFutureValue"; export type UserAccountSecurityType = "unknown" | "standard" | "power" | "administrator" | "unknownFutureValue"; +export type UserActivityType = "uploadText" | "uploadFile" | "downloadText" | "downloadFile" | "unknownFutureValue"; +export type UserActivityTypes = + | "none" + | "uploadText" + | "uploadFile" + | "downloadText" + | "downloadFile" + | "unknownFutureValue"; export type UserDefaultAuthenticationMethod = | "push" | "oath" @@ -3215,6 +3269,7 @@ export type UserFlowType = | "resourceOwner" | "unknownFutureValue"; export type UserPurpose = "user" | "linked" | "shared" | "room" | "equipment" | "others" | "unknownFutureValue"; +export type UserScopeType = "user" | "group" | "tenant" | "unknownFutureValue"; export type UserSignInRecommendationScope = "tenant" | "application" | "unknownFutureValue"; export type UserType = "member" | "guest" | "unknownFutureValue"; export type VirtualAppointmentMessageType = "confirmation" | "reschedule" | "cancellation" | "unknownFutureValue"; @@ -3640,6 +3695,7 @@ export interface AccessPackageAssignmentRequest extends Entity { createdDateTime?: NullableOption; // Information about all the custom extension calls that were made during the access package assignment workflow. customExtensionCalloutInstances?: NullableOption; + // The requestor's supplied justification. justification?: NullableOption; /** * The type of the request. The possible values are: notSpecified, userAdd, UserExtend, userUpdate, userRemove, adminAdd, @@ -4206,6 +4262,10 @@ export interface AccessReviewStage extends Entity { */ decisions?: NullableOption; } +export interface ActivitiesContainer extends Entity { + // Collection of activity logs related to content processing. + contentActivities?: NullableOption; +} // tslint:disable-next-line: no-empty-interface export interface ActivityBasedTimeoutPolicy extends StsPolicy {} export interface ActivityHistoryItem extends Entity { @@ -4274,6 +4334,14 @@ export interface AdministrativeUnit extends DirectoryObject { * startsWith, and eq on null values), $search, and $orderby. */ displayName?: NullableOption; + /** + * true if members of this administrative unit should be treated as sensitive, which requires specific permissions to + * manage. If not set, the default value is null and the default behavior is false. Use this property to define + * administrative units with roles that don't inherit from tenant-level administrators, and where the management of + * individual member objects is limited to administrators scoped to a restricted management administrative unit. This + * property is immutable and can't be changed later. For more information on how to work with restricted management + * administrative units, see Restricted management administrative units in Microsoft Entra ID. + */ isMemberManagementRestricted?: NullableOption; /** * The dynamic membership rule for the administrative unit. For more information about the rules you can use for dynamic @@ -4422,6 +4490,48 @@ export interface AgreementFileProperties extends Entity { } // tslint:disable-next-line: no-empty-interface export interface AgreementFileVersion extends AgreementFileProperties {} +export interface AiInteraction extends Entity { + /** + * The data source for Copilot data. For example, IPM.SkypeTeams.Message.Copilot.Excel or + * IPM.SkypeTeams.Message.Copilot.Loop. + */ + appClass?: string; + // The collection of documents attached to the interaction, such as cards and images. + attachments?: NullableOption; + // The body of the message, including the text of the body and its body type. + body?: NullableOption; + // The identifer that maps to all contexts associated with an interaction. + contexts?: NullableOption; + // The type of the conversation. For example, appchat or bizchat. + conversationType?: NullableOption; + // The time when the interaction was created. + createdDateTime?: NullableOption; + // The timestamp of when the interaction was last modified. + etag?: NullableOption; + // The user, application, or device that is associated with this interaction. + from?: IdentitySet; + /** + * Indicates whether the interaction is a prompt or a Copilot response. Possible values are userPrompt, aiResponse, + * unknownFutureValue. + */ + interactionType?: AiInteractionType; + // The collection of links that appear in the interaction. + links?: NullableOption; + // The locale of the sender. + locale?: string; + // The collection of the entities that were mentioned in the interaction, including users, bots, and so on. + mentions?: NullableOption; + // The identifier that groups a user prompt with its Copilot response. + requestId?: string; + // The thread ID or conversation identifier that maps to all Copilot sessions for the user. + sessionId?: string; +} +// tslint:disable-next-line: no-empty-interface +export interface AiInteractionHistory extends Entity {} +export interface AiUser extends Entity { + // The history of interactions between AI agents and users. + interactionHistory?: NullableOption; +} export interface Alert extends Entity { // Name or alias of the activity group (attacker) this alert is attributed to. activityGroupName?: NullableOption; @@ -5009,10 +5119,9 @@ export interface Application extends DirectoryObject { groupMembershipClaims?: NullableOption; /** * Also known as App ID URI, this value is set when an application is used as a resource app. The identifierUris acts as - * the prefix for the scopes you reference in your API's code, and it must be globally unique. You can use the default - * value provided, which is in the form api://<appId>, or specify a more readable URI like - * https://contoso.com/api. For more information on valid identifierUris patterns and best practices, see Microsoft Entra - * application registration security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). + * the prefix for the scopes you reference in your API's code, and it must be globally unique across Microsoft Entra ID. + * For more information on valid identifierUris patterns and best practices, see Microsoft Entra application registration + * security best practices. Not nullable. Supports $filter (eq, ne, ge, le, startsWith). */ identifierUris?: string[]; /** @@ -5248,15 +5357,9 @@ export interface ApprovalStage extends Entity { status?: NullableOption; } export interface AppScope extends Entity { - /** - * Provides the display name of the app-specific resource represented by the app scope. Provided for display purposes - * since appScopeId is often an immutable, non-human-readable id. Read-only. - */ + // Provides the display name of the app-specific resource represented by the app scope. Read only. displayName?: NullableOption; - /** - * Describes the type of app-specific resource represented by the app scope and is provided for display purposes, so a - * user interface can convey to the user the kind of app specific resource represented by the app scope. Read-only. - */ + // Describes the type of app-specific resource represented by the app scope. Read-only. type?: NullableOption; } // tslint:disable-next-line: no-empty-interface @@ -5331,9 +5434,17 @@ export interface AttendanceRecord extends Entity { attendanceIntervals?: NullableOption; // Email address of the user associated with this attendance record. emailAddress?: NullableOption; + // The external information for a virtualEventRegistration. externalRegistrationInformation?: NullableOption; - // Identity of the user associated with this attendance record. + /** + * The identity of the user associated with this attendance record. The specific type is one of the following derived + * types of identity, depending on the user type: communicationsUserIdentity, azureCommunicationServicesUserIdentity. + */ identity?: NullableOption; + /** + * Unique identifier of a virtualEventRegistration that is available to all participants registered for the + * virtualEventWebinar. + */ registrationId?: NullableOption; // Role of the attendee. Possible values are: None, Attendee, Presenter, and Organizer. role?: NullableOption; @@ -5493,8 +5604,7 @@ export interface AuthenticationMethodModeDetail extends Entity { * The authentication method that this mode modifies. The possible values are: password, voice, hardwareOath, * softwareOath, sms, fido2, windowsHelloForBusiness, microsoftAuthenticator, temporaryAccessPass, email, x509Certificate, * federation, unknownFutureValue, qrCodePin. Use the Prefer: include-unknown-enum-members request header to get the - * following values from this {evolvable - * enum}(/graph/best-practices-concept#handling-future-members-in-evolvable-enumerations): qrCodePin. + * following value from this evolvable enum: qrCodePin. */ authenticationMethod?: BaseAuthenticationMethod; // The display name of this mode @@ -6350,6 +6460,11 @@ export interface Call extends Entity { operations?: NullableOption; participants?: NullableOption; } +export interface CallEvent extends Entity { + callEventType?: CallEventType; + eventDateTime?: NullableOption; + participants?: NullableOption; +} export interface CallRecording extends Entity { // The unique identifier for the call that is related to this recording. Read-only. callId?: NullableOption; @@ -6408,10 +6523,51 @@ export interface CanvasLayout extends Entity { // Vertical section on the SharePoint page. verticalSection?: NullableOption; } +export interface CertificateAuthorityDetail extends DirectoryObject { + // The public key of the certificate authority. + certificate?: string; + /** + * The type of certificate authority. The possible values are: root, intermediate, unknownFutureValue. Supports $filter + * (eq). + */ + certificateAuthorityType?: NullableOption; + // The URL to check if the certificate is revoked. + certificateRevocationListUrl?: NullableOption; + // The date and time when the certificate authority was created. + createdDateTime?: NullableOption; + deltaCertificateRevocationListUrl?: NullableOption; + // The display name of the certificate authority. + displayName?: NullableOption; + // The date and time when the certificate authority expires. Supports $filter (eq) and $orderby. + expirationDateTime?: string; + /** + * Indicates whether the certificate picker presents the certificate authority to the user to use for authentication. + * Default value is false. Optional. + */ + isIssuerHintEnabled?: NullableOption; + // The issuer of the certificate authority. + issuer?: NullableOption; + // The subject key identifier of certificate authority. + issuerSubjectKeyIdentifier?: NullableOption; + // The thumbprint of certificate authority certificate. Supports $filter (eq, startswith). + thumbprint?: string; +} export interface CertificateBasedAuthConfiguration extends Entity { // Collection of certificate authorities which creates a trusted certificate chain. certificateAuthorities?: CertificateAuthority[]; } +export interface CertificateBasedAuthPki extends DirectoryObject { + // The name of the object. Maximum length is 256 characters. + displayName?: NullableOption; + // The date and time when the object was created or last modified. + lastModifiedDateTime?: string; + // The status of any asynchronous jobs runs on the object which can be upload or delete. + status?: NullableOption; + // The status details of the upload/deleted operation of PKI (Public Key Infrastructure). + statusDetails?: NullableOption; + // The collection of certificate authorities contained in this public key infrastructure resource. + certificateAuthorities?: NullableOption; +} export interface ChangeTrackedEntity extends Entity { // Identity of the creator of the entity. createdBy?: NullableOption; @@ -7386,6 +7542,14 @@ export interface ContactFolder extends Entity { // The collection of single-value extended properties defined for the contactFolder. Read-only. Nullable. singleValueExtendedProperties?: NullableOption; } +export interface ContentActivity extends Entity { + // Defines the input payload. It includes the relevant metadata about the activity, device, and integrated application. + contentMetadata?: ProcessContentRequest; + // The scope identified from computed protection scopes. + scopeIdentifier?: NullableOption; + // ID of the user. + userId?: NullableOption; +} // tslint:disable-next-line: no-empty-interface export interface ContentSharingSession extends Entity {} export interface ContentType extends Entity { @@ -7528,17 +7692,38 @@ export interface ConversationThread extends Entity { posts?: NullableOption; } export interface CopilotAdmin extends Entity { + // Set of Microsoft 365 Copilot settings that can be added or modified. Read-only. Nullable. settings?: NullableOption; } export interface CopilotAdminLimitedMode extends Entity { + /** + * The ID of a Microsoft Entra group, for which the value of isEnabledForGroup is applied. The default value is null. If + * isEnabledForGroup is set to true, the groupId value must be provided for the Copilot limited mode in Teams meetings to + * be enabled for the members of the group. Optional. + */ groupId?: NullableOption; + /** + * Enables the user to be in limited mode for Copilot in Teams meetings. When copilotAdminLimitedMode=true, users in this + * mode can ask any questions, but Copilot doesn't respond to certain questions related to inferring emotions, behavior, + * or judgments. When copilotAdminLimitedMode=false, it responds to all types of questions grounded to the meeting + * conversation. The default value is false. + */ isEnabledForGroup?: NullableOption; } export interface CopilotAdminSetting extends Entity { + /** + * Represents a setting that controls whether users of Microsoft 365 Copilot in Teams meetings can receive responses to + * sentiment-related prompts. Read-only. Nullable. + */ limitedMode?: NullableOption; } export interface CopilotRoot { + // The Microsoft 365 Copilot admin who can add or modify Copilot settings. Read-only. Nullable. admin?: NullableOption; + // The history of interactions between AI agents and users. + interactionHistory?: NullableOption; + // The list of AI users or agents. Read-only. Nullable. + users?: NullableOption; } export interface CountryNamedLocation extends NamedLocation { // List of countries and/or regions in two-letter format specified by ISO 3166-2. Required. @@ -7768,6 +7953,9 @@ export interface DataPolicyOperation extends Entity { // The id for the user on whom the operation is performed. userId?: string; } +export interface DataSecurityAndGovernance extends Entity { + sensitivityLabels?: NullableOption; +} export interface DayNote extends ChangeTrackedEntity { // The date of the day note. dayNoteDate?: NullableOption; @@ -8045,6 +8233,12 @@ export interface Device extends DirectoryObject { * Intune for any device OS type or by an approved MDM app for Windows OS devices. Supports $filter (eq, ne, not). */ isManaged?: NullableOption; + /** + * Indicates whether the device is a member of a restricted management administrative unit. If not set, the default value + * is null and the default behavior is false. Read-only. To manage a device that's a member of a restricted management + * administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the + * restricted management administrative unit. Returned only on $select. + */ isManagementRestricted?: NullableOption; // true if the device is rooted or jail-broken. This property can only be updated by Intune. isRooted?: NullableOption; @@ -8924,6 +9118,11 @@ export interface Directory extends Entity { federationConfigurations?: NullableOption; // A container for on-premises directory synchronization functionalities that are available for the organization. onPremisesSynchronization?: NullableOption; + /** + * The collection of public key infrastructure instances for the certificate-based authentication feature for users in a + * Microsoft Entra tenant. + */ + publicKeyInfrastructure?: NullableOption; // List of commercial subscriptions that an organization acquired. subscriptions?: NullableOption; } @@ -9311,7 +9510,9 @@ export interface DriveProtectionUnit extends ProtectionUnitBase { email?: NullableOption; } export interface DriveProtectionUnitsBulkAdditionJob extends ProtectionUnitsBulkJobBase { + // The list of OneDrive directoryObjectIds to add to the OneDrive protection policy. directoryObjectIds?: NullableOption; + // The list of email addresses to add to the OneDrive protection policy. drives?: NullableOption; } export interface DriveRestoreArtifact extends RestoreArtifactBase { @@ -9323,7 +9524,15 @@ export interface DriveRestoreArtifact extends RestoreArtifactBase { restoredSiteWebUrl?: NullableOption; } export interface DriveRestoreArtifactsBulkAdditionRequest extends RestoreArtifactsBulkRequestBase { + /** + * The list of directory object IDs that are added to the corresponding OneDrive for work or school restore session in a + * bulk operation. + */ directoryObjectIds?: NullableOption; + /** + * The list of email addresses that are added to the corresponding OneDrive for work or school restore session in a bulk + * operation. + */ drives?: NullableOption; } export interface EBookInstallSummary extends Entity { @@ -9905,6 +10114,11 @@ export interface EmailFileAssessmentRequest extends ThreatAssessmentRequest { // The mail recipient whose policies are used to assess the mail. recipientEmail?: string; } +export interface EmergencyCallEvent extends CallEvent { + callerInfo?: NullableOption; + emergencyNumberDialed?: NullableOption; + policyName?: NullableOption; +} export interface EmployeeExperience { // A collection of communities in Viva Engage. communities?: NullableOption; @@ -10119,6 +10333,11 @@ export interface Event extends OutlookItem { body?: NullableOption; // The preview of the message associated with the event. It's in text format. bodyPreview?: NullableOption; + /** + * Contains occurrenceId property values of canceled instances in a recurring series, if the event is the series master. + * Instances in a recurring series that are canceled are called canceled occurences.Returned only on $select in a Get + * operation which specifies the ID (seriesMasterId property value) of a series master event. + */ cancelledOccurrences?: string[]; // The date, time, and time zone that the event ends. By default, the end time is in UTC. end?: NullableOption; @@ -10249,12 +10468,18 @@ export interface Event extends OutlookItem { attachments?: NullableOption; // The calendar that contains the event. Navigation property. Read-only. calendar?: NullableOption; + /** + * Contains the id property values of the event instances that are exceptions in a recurring series.Exceptions can differ + * from other occurrences in a recurring series, such as the subject, start or end times, or attendees. Exceptions don't + * include canceled occurrences.Returned only on $select and $expand in a GET operation that specifies the ID + * (seriesMasterId property value) of a series master event. + */ exceptionOccurrences?: NullableOption; // The collection of open extensions defined for the event. Nullable. extensions?: NullableOption; /** * The occurrences of a recurring series, if the event is a series master. This property includes occurrences that are - * part of the recurrence pattern, and exceptions modified, but doesn't include occurrences cancelled from the series. + * part of the recurrence pattern, and exceptions modified, but doesn't include occurrences canceled from the series. * Navigation property. Read-only. Nullable. */ instances?: NullableOption; @@ -10321,6 +10546,7 @@ export interface ExchangeRestoreSession extends RestoreSessionBase { granularMailboxRestoreArtifacts?: NullableOption; // A collection of restore points and destination details that can be used to restore Exchange mailboxes. mailboxRestoreArtifacts?: NullableOption; + // A collection of user mailboxes and destination details that can be used to restore Exchange mailboxes. mailboxRestoreArtifactsBulkAdditionRequests?: NullableOption; } // tslint:disable-next-line: no-empty-interface @@ -10447,8 +10673,8 @@ export interface Fido2AuthenticationMethodConfiguration extends AuthenticationMe isSelfServiceRegistrationAllowed?: NullableOption; /** * Controls whether key restrictions are enforced on FIDO2 security keys, either allowing or disallowing certain key types - * as defined by Authenticator Attestation GUID (AAGUID), an identifier that indicates the type (e.g. make and model) of - * the authenticator. + * as defined by Authenticator Attestation GUID (AAGUID), an identifier that indicates the type (for example, make and + * model) of the authenticator. */ keyRestrictions?: NullableOption; // A collection of groups that are enabled to use the authentication method. @@ -10546,7 +10772,7 @@ export interface Group extends DirectoryObject { * permission and a supported administrator role. */ assignedLabels?: NullableOption; - // The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq).Read-only. + // The licenses that are assigned to the group. Returned only on $select. Supports $filter (eq). Read-only. assignedLicenses?: NullableOption; /** * Indicates if new members added to the group are autosubscribed to receive email notifications. You can set this @@ -10624,6 +10850,12 @@ export interface Group extends DirectoryObject { * license. Returned by default. Supports $filter (eq, ne, not). */ isAssignableToRole?: NullableOption; + /** + * Indicates whether the group is a member of a restricted management administrative unit. If not set, the default value + * is null and the default behavior is false. Read-only. To manage a group member of a restricted management + * administrative unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the + * restricted management administrative unit. Returned only on $select. + */ isManagementRestricted?: NullableOption; /** * Indicates whether the signed-in user is subscribed to receive email conversations. The default value is true. Returned @@ -11866,6 +12098,15 @@ export interface ItemRetentionLabel extends Entity { // The retention settings enforced on the item. Read-write. retentionSettings?: NullableOption; } +export interface LabelContentRight extends Entity { + // The content identifier. + cid?: NullableOption; + // The content format. + format?: NullableOption; + rights?: UsageRights; + // The sensitivity label applied to the content. + label?: SensitivityLabel; +} export interface LandingPage extends Entity { // Identity of the user who created the landing page. createdBy?: NullableOption; @@ -12338,7 +12579,9 @@ export interface MailboxProtectionUnit extends ProtectionUnitBase { email?: NullableOption; } export interface MailboxProtectionUnitsBulkAdditionJob extends ProtectionUnitsBulkJobBase { + // The list of Exchange directoryObjectIds to add to the Exchange protection policy. directoryObjectIds?: NullableOption; + // The list of Exchange email addresses to add to the Exchange protection policy. mailboxes?: NullableOption; } export interface MailboxRestoreArtifact extends RestoreArtifactBase { @@ -12348,7 +12591,9 @@ export interface MailboxRestoreArtifact extends RestoreArtifactBase { restoredFolderName?: NullableOption; } export interface MailboxRestoreArtifactsBulkAdditionRequest extends RestoreArtifactsBulkRequestBase { + // The list of directory object IDs that are added to the corresponding Exchange restore session in a bulk operation. directoryObjectIds?: NullableOption; + // The list of email addresses that are added to the corresponding Exchange restore session in a bulk operation. mailboxes?: NullableOption; } export interface MailFolder extends Entity { @@ -12966,6 +13211,7 @@ export interface ManagedMobileLobApp extends ManagedApp { // tslint:disable-next-line: no-empty-interface export interface MdmWindowsInformationProtectionPolicy extends WindowsInformationProtection {} export interface MeetingAttendanceReport extends Entity { + // The external information of a virtual event. Returned only for event organizers or coorganizers. Read-only. externalEventInformation?: NullableOption; // UTC time when the meeting ended. Read-only. meetingEndDateTime?: NullableOption; @@ -13557,16 +13803,13 @@ export interface OAuth2PermissionGrant extends Entity { scope?: NullableOption; } export interface OfferShiftRequest extends ScheduleChangeRequest { - /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z - */ + // The date and time when the recipient approved or declined the request. recipientActionDateTime?: NullableOption; - // Custom message sent by recipient of the offer shift request. + // The message sent by the recipient regarding the request. recipientActionMessage?: NullableOption; - // User ID of the recipient of the offer shift request. + // The recipient's user ID. recipientUserId?: NullableOption; - // User ID of the sender of the offer shift request. + // The sender's shift ID. senderShiftId?: NullableOption; } export interface OfficeGraphInsights extends Entity { @@ -13620,8 +13863,9 @@ export interface OneDriveForBusinessProtectionPolicy extends ProtectionPolicyBas driveProtectionUnitsBulkAdditionJobs?: NullableOption; } export interface OneDriveForBusinessRestoreSession extends RestoreSessionBase { - // A collection of restore points and destination details that can be used to restore a OneDrive for Business drive. + // A collection of restore points and destination details that can be used to restore a OneDrive for work or school drive. driveRestoreArtifacts?: NullableOption; + // A collection of user mailboxes and destination details that can be used to restore a OneDrive for work or school drive. driveRestoreArtifactsBulkAdditionRequests?: NullableOption; } export interface Onenote extends Entity { @@ -15100,7 +15344,7 @@ export interface PrivilegedAccessGroupAssignmentSchedule extends PrivilegedAcces */ assignmentType?: NullableOption; /** - * The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. + * The identifier of the group representing the scope of the membership or ownership assignment through PIM for Groups. * Required. Supports $filter (eq). */ groupId?: NullableOption; @@ -15110,17 +15354,17 @@ export interface PrivilegedAccessGroupAssignmentSchedule extends PrivilegedAcces */ memberType?: NullableOption; /** - * The identifier of the principal whose membership or ownership assignment is granted through PIM for groups. Required. + * The identifier of the principal whose membership or ownership assignment is granted through PIM for Groups. Required. * Supports $filter (eq). */ principalId?: NullableOption; /** - * When the request activates an ownership or membership assignment in PIM for groups, this object represents the + * When the request activates an ownership or membership assignment in PIM for Groups, this object represents the * eligibility relationship. Otherwise, it's null. Supports $expand. */ activatedUsing?: NullableOption; /** - * References the group that is the scope of the membership or ownership assignment through PIM for groups. Supports + * References the group that is the scope of the membership or ownership assignment through PIM for Groups. Supports * $expand and $select nested in $expand for select properties like id, displayName, and mail. */ group?: NullableOption; @@ -15147,7 +15391,7 @@ export interface PrivilegedAccessGroupAssignmentScheduleInstance extends Privile */ assignmentType?: NullableOption; /** - * The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. + * The identifier of the group representing the scope of the membership or ownership assignment through PIM for Groups. * Optional. Supports $filter (eq). */ groupId?: NullableOption; @@ -15158,16 +15402,16 @@ export interface PrivilegedAccessGroupAssignmentScheduleInstance extends Privile memberType?: NullableOption; /** * The identifier of the principal whose membership or ownership assignment to the group is managed through PIM for - * groups. Required. Supports $filter (eq). + * Groups. Required. Supports $filter (eq). */ principalId?: NullableOption; /** - * When the request activates a membership or ownership in PIM for groups, this object represents the eligibility request + * When the request activates a membership or ownership in PIM for Groups, this object represents the eligibility request * for the group. Otherwise, it is null. */ activatedUsing?: NullableOption; /** - * References the group that is the scope of the membership or ownership assignment through PIM for groups. Supports + * References the group that is the scope of the membership or ownership assignment through PIM for Groups. Supports * $expand. */ group?: NullableOption; @@ -15184,13 +15428,13 @@ export interface PrivilegedAccessGroupAssignmentScheduleRequest extends Privileg */ accessId?: NullableOption; /** - * The identifier of the group representing the scope of the membership or ownership assignment through PIM for groups. + * The identifier of the group representing the scope of the membership or ownership assignment through PIM for Groups. * Required. */ groupId?: NullableOption; /** * The identifier of the principal whose membership or ownership assignment to the group is managed through PIM for - * groups. Supports $filter (eq, ne). + * Groups. Supports $filter (eq, ne). */ principalId?: NullableOption; /** @@ -15199,12 +15443,12 @@ export interface PrivilegedAccessGroupAssignmentScheduleRequest extends Privileg */ targetScheduleId?: NullableOption; /** - * When the request activates a membership or ownership assignment in PIM for groups, this object represents the + * When the request activates a membership or ownership assignment in PIM for Groups, this object represents the * eligibility policy for the group. Otherwise, it is null. Supports $expand. */ activatedUsing?: NullableOption; /** - * References the group that is the scope of the membership or ownership assignment request through PIM for groups. + * References the group that is the scope of the membership or ownership assignment request through PIM for Groups. * Supports $expand and $select nested in $expand for select properties like id, displayName, and mail. */ group?: NullableOption; @@ -15223,7 +15467,7 @@ export interface PrivilegedAccessGroupEligibilitySchedule extends PrivilegedAcce */ accessId?: NullableOption; /** - * The identifier of the group representing the scope of the membership or ownership eligibility through PIM for groups. + * The identifier of the group representing the scope of the membership or ownership eligibility through PIM for Groups. * Required. Supports $filter (eq). */ groupId?: NullableOption; @@ -15233,12 +15477,12 @@ export interface PrivilegedAccessGroupEligibilitySchedule extends PrivilegedAcce */ memberType?: NullableOption; /** - * The identifier of the principal whose membership or ownership eligibility is granted through PIM for groups. Required. + * The identifier of the principal whose membership or ownership eligibility is granted through PIM for Groups. Required. * Supports $filter (eq). */ principalId?: NullableOption; /** - * References the group that is the scope of the membership or ownership eligibility through PIM for groups. Supports + * References the group that is the scope of the membership or ownership eligibility through PIM for Groups. Supports * $expand. */ group?: NullableOption; @@ -15260,7 +15504,7 @@ export interface PrivilegedAccessGroupEligibilityScheduleInstance extends Privil */ eligibilityScheduleId?: NullableOption; /** - * The identifier of the group representing the scope of the membership or ownership eligibility through PIM for groups. + * The identifier of the group representing the scope of the membership or ownership eligibility through PIM for Groups. * Required. Supports $filter (eq). */ groupId?: NullableOption; @@ -15272,11 +15516,11 @@ export interface PrivilegedAccessGroupEligibilityScheduleInstance extends Privil memberType?: NullableOption; /** * The identifier of the principal whose membership or ownership eligibility to the group is managed through PIM for - * groups. Required. Supports $filter (eq). + * Groups. Required. Supports $filter (eq). */ principalId?: NullableOption; /** - * References the group that is the scope of the membership or ownership eligibility through PIM for groups. Supports + * References the group that is the scope of the membership or ownership eligibility through PIM for Groups. Supports * $expand. */ group?: NullableOption; @@ -15293,19 +15537,19 @@ export interface PrivilegedAccessGroupEligibilityScheduleRequest extends Privile */ accessId?: NullableOption; /** - * The identifier of the group representing the scope of the membership and ownership eligibility through PIM for groups. + * The identifier of the group representing the scope of the membership and ownership eligibility through PIM for Groups. * Required. */ groupId?: NullableOption; /** * The identifier of the principal whose membership or ownership eligibility to the group is managed through PIM for - * groups. Required. + * Groups. Required. */ principalId?: NullableOption; // The identifier of the schedule that's created from the eligibility request. Optional. targetScheduleId?: NullableOption; /** - * References the group that is the scope of the membership or ownership eligibility request through PIM for groups. + * References the group that is the scope of the membership or ownership eligibility request through PIM for Groups. * Supports $expand and $select nested in $expand for select properties like id, displayName, and mail. */ group?: NullableOption; @@ -15428,7 +15672,6 @@ export interface ProtectionRuleBase extends Entity { createdDateTime?: NullableOption; // Contains error details if an operation on a rule fails. error?: NullableOption; - // true indicates that the protection rule is dynamic; false that it's static. Currently, only static rules are supported. isAutoApplyEnabled?: NullableOption; // The identity of the person who last modified the rule. lastModifiedBy?: NullableOption; @@ -15460,12 +15703,22 @@ export interface ProtectionUnitBase extends Entity { status?: NullableOption; } export interface ProtectionUnitsBulkJobBase extends Entity { + // The identity of person who created the job. createdBy?: NullableOption; + // The time of creation of the job. createdDateTime?: NullableOption; + // The name of the protection units bulk addition job. displayName?: NullableOption; + // Error details containing resource resolution failures, if any. error?: NullableOption; + // The identity of the person who last modified the job. lastModifiedBy?: NullableOption; + // Timestamp of the last modification made to the job. lastModifiedDateTime?: NullableOption; + /** + * The status of the job. The possible values are: unknown, active, completed, completedWithErrors, and + * unknownFutureValue. + */ status?: ProtectionUnitsBulkJobStatus; } export interface ProvisioningObjectSummary extends Entity { @@ -15509,6 +15762,10 @@ export interface ProvisioningObjectSummary extends Entity { // Unique Microsoft Entra tenant ID. Supports $filter (eq, contains). tenantId?: NullableOption; } +export interface PublicKeyInfrastructureRoot extends Entity { + // The collection of public key infrastructure instances for the certificate-based authentication feature for users. + certificateBasedAuthConfigurations?: NullableOption; +} export interface RbacApplication extends Entity { resourceNamespaces?: NullableOption; // Resource to grant access to users or groups. @@ -15697,17 +15954,32 @@ export interface RestoreArtifactBase extends Entity { restorePoint?: NullableOption; } export interface RestoreArtifactsBulkRequestBase extends Entity { + // The identity of the person who created the bulk request. createdBy?: NullableOption; + // The time when the bulk request was created. createdDateTime?: NullableOption; + // Indicates the restoration destination. The possible values are: new, inPlace, unknownFutureValue. destinationType?: NullableOption; + // Name of the addition request. displayName?: NullableOption; + // Error details are populated for resource resolution failures. error?: NullableOption; + // Identity of the person who last modified this entity. lastModifiedBy?: NullableOption; + // Timestamp when this entity was last modified. lastModifiedDateTime?: NullableOption; + // The start and end date and time of the protection period. protectionTimePeriod?: NullableOption; + // Indicates which protection units to restore. This property isn't implemented yet. Future value; don't use. protectionUnitIds?: NullableOption; + // Indicates which restore point to return. The possible values are: oldest, latest, unknownFutureValue. restorePointPreference?: NullableOption; + /** + * Determines the status of the long-running operation. The possible values area: unknown, active, completed, + * completedWithErrors, unknownFutureValue. + */ status?: RestoreArtifactsBulkRequestStatus; + // The type of the restore point. The possible values are: none, fastRestore, unknownFutureValue. tags?: NullableOption; } export interface RestorePoint extends Entity { @@ -16070,13 +16342,29 @@ export interface Schedule extends Entity { timesOff?: NullableOption; } export interface ScheduleChangeRequest extends ChangeTrackedEntity { + // Indicates who the request is assigned to. Possible values are: sender, recipient, manager, system, unknownFutureValue. assignedTo?: NullableOption; + /** + * The date and time when the manager approved or declined the scheduleChangeRequest. The timestamp type represents date + * and time information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. + */ managerActionDateTime?: NullableOption; + // The message sent by the manager regarding the scheduleChangeRequest. Optional. managerActionMessage?: NullableOption; + // The user ID of the manager who approved or declined the scheduleChangeRequest. managerUserId?: NullableOption; + /** + * The date and time when the sender sent the scheduleChangeRequest. The timestamp type represents date and time + * information using ISO 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is + * 2014-01-01T00:00:00Z. + */ senderDateTime?: NullableOption; + // The message sent by the sender of the scheduleChangeRequest. Optional. senderMessage?: NullableOption; + // The user ID of the sender of the scheduleChangeRequest. senderUserId?: NullableOption; + // The state of the scheduleChangeRequest. Possible values are: pending, approved, declined, unknownFutureValue. state?: NullableOption; } export interface SchedulingGroup extends ChangeTrackedEntity { @@ -16188,7 +16476,7 @@ export interface SecureScoreControlProfile extends Entity { actionUrl?: NullableOption; // GUID string for tenant ID. azureTenantId?: string; - // The collection of compliance information associated with secure score control + // The collection of compliance information associated with secure score control. Not implemented. Currently returns null. complianceInformation?: NullableOption; // Control action category (Identity, Data, Device, Apps, Infrastructure). controlCategory?: NullableOption; @@ -16232,7 +16520,9 @@ export interface Security extends Entity { // A collection of alerts in Microsoft 365 Defender. alerts_v2?: NullableOption; attackSimulation?: NullableOption; + auditLog?: NullableOption; cases?: NullableOption; + dataSecurityAndGovernance?: NullableOption; // A container for security identities APIs. identities?: NullableOption; /** @@ -16257,6 +16547,21 @@ export interface SendDtmfTonesOperation extends CommsOperation { */ completionReason?: NullableOption; } +export interface SensitivityLabel extends Entity { + actionSource?: NullableOption; + autoTooltip?: NullableOption; + description?: NullableOption; + displayName?: NullableOption; + isDefault?: NullableOption; + isEndpointProtectionEnabled?: NullableOption; + isScopedToUser?: NullableOption; + locale?: NullableOption; + name?: NullableOption; + priority?: NullableOption; + toolTip?: NullableOption; + rights?: NullableOption; + sublabels?: NullableOption; +} export interface ServiceAnnouncement extends Entity { /** * A collection of service health information for tenant. This property is a contained navigation property, it is nullable @@ -16809,6 +17114,7 @@ export interface SharePointProtectionPolicy extends ProtectionPolicyBase { export interface SharePointRestoreSession extends RestoreSessionBase { // A collection of restore points and destination details that can be used to restore SharePoint sites. siteRestoreArtifacts?: NullableOption; + // A collection of SharePoint site URLs and destination details that can be used to restore SharePoint sites. siteRestoreArtifactsBulkAdditionRequests?: NullableOption; } export interface SharepointSettings extends Entity { @@ -17194,7 +17500,9 @@ export interface SiteProtectionUnit extends ProtectionUnitBase { siteWebUrl?: NullableOption; } export interface SiteProtectionUnitsBulkAdditionJob extends ProtectionUnitsBulkJobBase { + // The list of SharePoint site IDs to add to the SharePoint protection policy. siteIds?: NullableOption; + // The list of SharePoint site URLs to add to the SharePoint protection policy. siteWebUrls?: NullableOption; } export interface SiteRestoreArtifact extends RestoreArtifactBase { @@ -17209,7 +17517,9 @@ export interface SiteRestoreArtifact extends RestoreArtifactBase { restoredSiteWebUrl?: NullableOption; } export interface SiteRestoreArtifactsBulkAdditionRequest extends RestoreArtifactsBulkRequestBase { + // The list of SharePoint site IDs that are added to the corresponding SharePoint restore session in a bulk operation. siteIds?: NullableOption; + // The list of SharePoint site URLs that are added to the corresponding SharePoint restore session in a bulk operation. siteWebUrls?: NullableOption; } export interface SkypeForBusinessUserConversationMember extends ConversationMember { @@ -17494,7 +17804,8 @@ export interface Subscription extends Entity { encryptionCertificateId?: NullableOption; /** * Required. Specifies the date and time when the webhook subscription expires. The time is in UTC, and can be an amount - * of time from subscription creation that varies for the resource subscribed to. For the maximum supported subscription + * of time from subscription creation that varies for the resource subscribed to. Any value under 45 minutes after the + * time of the request is automatically set to 45 minutes after the request time. For the maximum supported subscription * length of time, see Subscription lifetime. */ expirationDateTime?: string; @@ -17544,7 +17855,7 @@ export interface Subscription extends Entity { resource?: string; } export interface SwapShiftsChangeRequest extends OfferShiftRequest { - // ShiftId for the recipient user with whom the request is to swap. + // The recipient's Shift ID recipientShiftId?: NullableOption; } export interface Synchronization extends Entity { @@ -17931,6 +18242,12 @@ export interface TenantAppManagementPolicy extends PolicyBase { // Restrictions that apply as default to all service principal objects in the tenant. servicePrincipalRestrictions?: NullableOption; } +export interface TenantDataSecurityAndGovernance extends DataSecurityAndGovernance { + // Container for actions related to computing tenant-wide data protection scopes. + protectionScopes?: TenantProtectionScopeContainer; +} +// tslint:disable-next-line: no-empty-interface +export interface TenantProtectionScopeContainer extends Entity {} export interface TenantRelationship { // The customer who has a delegated admin relationship with a Microsoft partner. delegatedAdminCustomers?: NullableOption; @@ -18101,15 +18418,9 @@ export interface TimeOffReason extends ChangeTrackedEntity { isActive?: NullableOption; } export interface TimeOffRequest extends ScheduleChangeRequest { - /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z - */ + // The date and time the time off ends in ISO 8601 format and in UTC time. endDateTime?: NullableOption; - /** - * The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, - * midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z - */ + // The date and time the time off starts in ISO 8601 format and in UTC time. startDateTime?: NullableOption; // The reason for the time off. timeOffReasonId?: NullableOption; @@ -18611,7 +18922,7 @@ export interface UnifiedRoleManagementPolicyAssignment extends Entity { policyId?: string; /** * For Microsoft Entra roles policy, it's the identifier of the role definition object where the policy applies. For PIM - * for groups membership and ownership, it's either member or owner. Supports $filter (eq). + * for Groups membership and ownership, it's either member or owner. Supports $filter (eq). */ roleDefinitionId?: NullableOption; // The identifier of the scope where the policy is assigned. Can be / for the tenant or a group ID. Required. @@ -18758,6 +19069,14 @@ export interface UrlAssessmentRequest extends ThreatAssessmentRequest { // The URL string. url?: string; } +export interface UsageRightsIncluded extends Entity { + // The email of owner label rights. + ownerEmail?: NullableOption; + // The email of user with label user rights. + userEmail?: NullableOption; + // A reference to the associated usage rights. This value defines the specific rights for the content. + value?: UsageRights; +} export interface UsedInsight extends Entity { // Information about when the item was last viewed or modified by the user. Read only. lastUsed?: NullableOption; @@ -18939,6 +19258,12 @@ export interface User extends DirectoryObject { imAddresses?: NullableOption; // A list for the user to describe their interests. Returned only on $select. interests?: NullableOption; + /** + * true if the user is a member of a restricted management administrative unit. If not set, the default value is null and + * the default behavior is false. Read-only. To manage a user who is a member of a restricted management administrative + * unit, the administrator or calling app must be assigned a Microsoft Entra role at the scope of the restricted + * management administrative unit. Returned only on $select. + */ isManagementRestricted?: NullableOption; // Don't use – reserved for future use. isResourceAccount?: NullableOption; @@ -19215,6 +19540,8 @@ export interface User extends DirectoryObject { contacts?: NullableOption; // Directory objects that the user created. Read-only. Nullable. createdObjects?: NullableOption; + // The data security and governance settings for the user. Read-only. Nullable. + dataSecurityAndGovernance?: NullableOption; // The list of troubleshooting events for this user. deviceManagementTroubleshootingEvents?: NullableOption; /** @@ -19356,6 +19683,11 @@ export interface UserConsentRequest extends Request { // Approval decisions associated with a request. approval?: NullableOption; } +export interface UserDataSecurityAndGovernance extends DataSecurityAndGovernance { + // Container for activity logs (content processing and audit) related to this user. ContainsTarget: true. + activities?: NullableOption; + protectionScopes?: NullableOption; +} export interface UserExperienceAnalyticsAppHealthApplicationPerformance extends Entity { /** * The health score of the application. Valid values 0 to 100. Supports: $filter, $select, $OrderBy. Read-only. Valid @@ -20177,6 +20509,8 @@ export interface UserInstallStateSummary extends Entity { // The install state of the eBook. deviceStates?: NullableOption; } +// tslint:disable-next-line: no-empty-interface +export interface UserProtectionScopeContainer extends Entity {} export interface UserRegistrationDetails extends Entity { /** * Indicates whether the user has an admin role in the tenant. This value can be used to check the authentication methods @@ -20451,6 +20785,11 @@ export interface VirtualEventSession extends OnlineMeetingBase { endDateTime?: NullableOption; // The virtual event session start time. startDateTime?: NullableOption; + /** + * The URL of the video on demand (VOD) for Microsoft Teams events that allows webinar and town hall organizers to quickly + * publish and share event recordings. + */ + videoOnDemandWebUrl?: NullableOption; } export interface VirtualEventsRoot extends Entity { events?: NullableOption; @@ -20496,11 +20835,11 @@ export interface VoiceAuthenticationMethodConfiguration extends AuthenticationMe includeTargets?: NullableOption; } export interface VppToken extends Entity { - // The apple Id associated with the given Apple Volume Purchase Program Token. + // The Apple ID associated with the given Apple Volume Purchase Program Token. appleId?: NullableOption; // Whether or not apps for the VPP token will be automatically updated. automaticallyUpdateApps?: boolean; - // Whether or not apps for the VPP token will be automatically updated. + // The country or region associated with the Apple Volume Purchase Program Token. countryOrRegion?: NullableOption; // The expiration date time of the Apple Volume Purchase Program Token. expirationDateTime?: string; @@ -20513,14 +20852,14 @@ export interface VppToken extends Entity { lastSyncDateTime?: string; /** * Current sync status of the last application sync which was triggered using the Apple Volume Purchase Program Token. - * Possible values are: none, inProgress, completed, failed. Possible values are: none, inProgress, completed, failed. + * Possible values are: none, inProgress, completed, failed. */ lastSyncStatus?: VppTokenSyncStatus; // The organization associated with the Apple Volume Purchase Program Token organizationName?: NullableOption; /** * Current state of the Apple Volume Purchase Program Token. Possible values are: unknown, valid, expired, invalid, - * assignedToExternalMDM. Possible values are: unknown, valid, expired, invalid, assignedToExternalMDM. + * assignedToExternalMDM. */ state?: VppTokenState; // The Apple Volume Purchase Program Token string downloaded from the Apple Volume Purchase Program. @@ -23049,6 +23388,7 @@ export interface AccessPackageAssignmentApprovalSettings { isApprovalRequiredForAdd?: NullableOption; // If false, then approval isn't required for updates to requests in this policy. isApprovalRequiredForUpdate?: NullableOption; + // If false, then requestor justification isn't required for updates to requests in this policy. isRequestorJustificationRequired?: NullableOption; /** * If approval is required, the one, two or three elements of this collection define each of the stages of approval. An @@ -23098,6 +23438,7 @@ export interface AccessPackageAssignmentRequestRequirements { isApprovalRequiredForAdd?: NullableOption; // Indicates whether a request to update must be approved by an approver. isApprovalRequiredForUpdate?: NullableOption; + // Indicates whether requestors must justify requesting access to an access package. isRequestorJustificationRequired?: NullableOption; // The description of the policy that the user is trying to request access using. policyDescription?: NullableOption; @@ -23154,6 +23495,7 @@ export interface AccessPackageLocalizedText { text?: NullableOption; } export interface AccessPackageNotificationSettings { + // Indicates if notification emails for an access package are disabled within an access package assignment policy. isAssignmentNotificationDisabled?: boolean; } export interface AccessPackageResourceAttribute { @@ -23398,6 +23740,13 @@ export interface ActionResultPart { // The error that occurred, if any, during the bulk operation. error?: NullableOption; } +export interface ActivityMetadata { + /** + * The type of user activity. Possible values are uploadText, uploadFile, downloadText, downloadFile, unknownFutureValue. + * Required. + */ + activity?: UserActivityType; +} export interface AddIn { // The unique identifier for the addIn object. id?: NullableOption; @@ -23428,6 +23777,55 @@ export interface AgreementFileData { // Data that represents the terms of use PDF document. Read-only. data?: NullableOption; } +export interface AiInteractionAttachment extends Entity { + // The identifier for the attachment. This identifier is only unique within the message scope. + attachmentId?: NullableOption; + // The content of the attachment. + content?: NullableOption; + // The type of the content. For example, reference, file, and image/imageType. + contentType?: NullableOption; + // The URL of the content. + contentUrl?: NullableOption; + // The name of the attachment. + name?: NullableOption; +} +export interface AiInteractionContext extends Entity { + // The full file URL where the interaction happened. + contextReference?: NullableOption; + // The type of the file. + contextType?: NullableOption; + // The name of the file. + displayName?: NullableOption; +} +export interface AiInteractionLink extends Entity { + // The name of the link. + displayName?: NullableOption; + // Information about a link in an app chat or Business Chat (BizChat) interaction. + linkType?: NullableOption; + // The URL of the link. + linkUrl?: NullableOption; +} +export interface AiInteractionMention extends Entity { + // The entity mentioned in the message. + mentioned?: NullableOption; + // The identifier for the mention. + mentionId?: NullableOption; + // The text mentioned in the message. + mentionText?: NullableOption; +} +export interface AiInteractionMentionedIdentitySet extends IdentitySet { + conversation?: NullableOption; + // The tag details. + tag?: NullableOption; +} +export interface AiInteractionPlugin { + // The unique identifier of the plugin. + identifier?: NullableOption; + // The display name of the plugin. + name?: NullableOption; + // The version of the plugin used. + version?: NullableOption; +} export interface AirPrintSettings { /** * Describes whether Universal Print hides printers from macOS when they don't support all capabilities required by the @@ -24019,7 +24417,8 @@ export interface AttributeMapping { * Defines when this attribute should be updated in the target directory. Possible values are: Always (default) * ObjectAddOnly - only when new object is created MultiValueAddOnly - only when the change is adding new values to a * multi-valued attribute ValueAddOnly - If there is a current value, only flows 'Add' operations; will not flow 'Remove' - * operations AttributeAddOnly - Only propagates changes if no current value exists at all + * operations AttributeAddOnly - Only propagates changes if no current value exists at all Note: AD2AAD provisioning jobs + * don't respect the flowType property value. */ flowType?: AttributeFlowType; /** @@ -24123,13 +24522,13 @@ export interface AudioConferencing { } export interface AuditActivityInitiator { /** - * If the resource initiating the activity is an app, this property indicates all the app related information like appId, - * Name, servicePrincipalId, Name. + * If the resource initiating the activity is an app, this property indicates all the app related information like appId + * and name. */ app?: NullableOption; /** - * If the resource initiating the activity is a user, this property Indicates all the user related information like - * userId, Name, UserPrinicpalName. + * If the resource initiating the activity is a user, this property Indicates all the user related information like user + * ID and userPrincipalName. */ user?: NullableOption; } @@ -24370,6 +24769,10 @@ export interface BasicAuthentication extends ApiAuthenticationConfigurationBase // The username. username?: NullableOption; } +export interface BinaryContent extends ContentBase { + // The binary content, encoded as a Base64 string. Inherited from contentBase. + data?: string; +} export interface BitLockerRemovableDrivePolicy { /** * This policy setting determines whether BitLocker protection is required for removable data drives to be writable on a @@ -25061,6 +25464,30 @@ export interface ChoiceColumn { // How the choices are to be presented in the UX. Must be one of checkBoxes, dropDownMenu, or radioButtons displayAs?: NullableOption; } +export interface ClassifcationErrorBase { + // A service-defined error code string. + code?: NullableOption; + // Contains more specific, potentially internal error details. + innerError?: NullableOption; + // A human-readable representation of the error. + message?: NullableOption; + // The target of the error (for example, the specific property or item causing the issue). + target?: NullableOption; +} +export interface ClassificationError extends ClassifcationErrorBase { + // A collection of more specific errors contributing to the overall error. + details?: NullableOption; +} +export interface ClassificationInnerError { + // The activity ID associated with the request that generated the error. + activityId?: NullableOption; + // The client request ID, if provided by the caller. + clientRequestId?: NullableOption; + // A more specific, potentially internal, error code string. + code?: NullableOption; + // The date and time the inner error occurred. + errorDateTime?: NullableOption; +} export interface ClientCertificateAuthentication extends ApiAuthenticationConfigurationBase { // The list of certificates uploaded for this API connector. certificateList?: NullableOption; @@ -25376,6 +25803,11 @@ export interface ComplianceManagementPartnerAssignment { // Group assignment target. target?: NullableOption; } +export interface ComputeRightsAndInheritanceResult { + contentRights?: NullableOption; + inheritedLabel?: NullableOption; + sensitivityLabels?: NullableOption; +} // tslint:disable-next-line: no-empty-interface export interface ConditionalAccessAllExternalTenants extends ConditionalAccessExternalTenants {} export interface ConditionalAccessApplications { @@ -25557,6 +25989,7 @@ export interface ConditionalAccessSessionControls { * work correctly. */ persistentBrowser?: NullableOption; + secureSignInSession?: NullableOption; // Session control to enforce signin frequency. signInFrequency?: NullableOption; } @@ -25611,6 +26044,8 @@ export interface ContainerFilter { } // tslint:disable-next-line: no-empty-interface export interface ContentApprovalStatusColumn {} +// tslint:disable-next-line: no-empty-interface +export interface ContentBase {} export interface ContentCustomization { // Represents the content options of External Identities to be customized throughout the authentication flow for a tenant. attributeCollection?: KeyValue[]; @@ -25809,6 +26244,8 @@ export interface CustomExtensionOverwriteConfiguration { clientConfiguration?: NullableOption; } // tslint:disable-next-line: no-empty-interface +export interface CustomMetadataDictionary extends Dictionary {} +// tslint:disable-next-line: no-empty-interface export interface CustomSecurityAttributeValue {} export interface CustomTimeZone extends TimeZoneBase { /** @@ -26196,6 +26633,14 @@ export interface DeviceManagementSettings { // Device should be noncompliant when there is no compliance policy targeted when this is true secureByDefault?: boolean; } +export interface DeviceMetadata { + // Optional. The general type of the device (for example, 'Managed', 'Unmanaged'). + deviceType?: NullableOption; + // The Internet Protocol (IP) address of the device. + ipAddress?: NullableOption; + // Details about the operating system platform and version. + operatingSystemSpecifications?: NullableOption; +} export interface DeviceOperatingSystemSummary { /** * The count of Corporate work profile Android devices. Also known as Corporate Owned Personally Enabled (COPE). Valid @@ -26277,6 +26722,10 @@ export interface DisplayNameLocalization { // Provides the language culture-code and friendly name of the language that the displayName field has been provided in. languageTag?: NullableOption; } +export interface DlpActionInfo { + // The type of DLP action. Possible value is restrictAccessAction. + action?: NullableOption; +} export interface DocumentSet { // Content types allowed in document set. allowedContentTypes?: NullableOption; @@ -26348,7 +26797,7 @@ export interface DriveItemUploadableProperties { name?: NullableOption; } export interface DriveRecipient { - // The alias of the domain object, for cases where an email address is unavailable (e.g. security groups). + // The alias of the domain object, for cases where an email address is unavailable (for example, security groups). alias?: NullableOption; // The email address for the recipient, if the recipient has an associated email address. email?: NullableOption; @@ -26569,6 +27018,13 @@ export interface EmailSettings { */ useCompanyBranding?: boolean; } +export interface EmergencyCallerInfo { + displayName?: NullableOption; + location?: NullableOption; + phoneNumber?: NullableOption; + tenantId?: NullableOption; + upn?: NullableOption; +} export interface EmployeeOrgData { // The cost center associated with the user. Returned only on $select. Supports $filter. costCenter?: NullableOption; @@ -26870,6 +27326,8 @@ export interface GroupMembers extends SubjectSet { } // tslint:disable-next-line: no-empty-interface export interface GroupPeerOutlierRecommendationInsightSettings extends AccessReviewRecommendationInsightSetting {} +// tslint:disable-next-line: no-empty-interface +export interface GroupScope extends ScopeBase {} export interface Hashes { // The CRC32 value of the file (if available). Read-only. crc32Hash?: NullableOption; @@ -27062,6 +27520,13 @@ export interface IntegerRange { // The inclusive lower bound of the integer range. start?: NullableOption; } +// tslint:disable-next-line: interface-name +export interface IntegratedApplicationMetadata { + // The name of the integrated application. + name?: NullableOption; + // The version number of the integrated application. + version?: NullableOption; +} // tslint:disable-next-line: interface-name no-empty-interface export interface InternalSponsors extends SubjectSet {} // tslint:disable-next-line: interface-name @@ -28788,6 +29253,12 @@ export interface OpenShiftItem extends ShiftItem { // Count of the number of slots for the given open shift. openSlotCount?: number; } +export interface OperatingSystemSpecifications { + // The platform of the operating system (for example, 'Windows'). + operatingSystemPlatform?: string; + // The version string of the operating system. + operatingSystemVersion?: string; +} export interface OperationError { // Operation error code. code?: NullableOption; @@ -29320,6 +29791,49 @@ export interface PlannerPlanContainer { } // tslint:disable-next-line: no-empty-interface export interface PlannerUserIds {} +export interface PolicyBinding { + // Specifies the users or groups to be explicitly excluded from this policy scope. Can be null or empty. + exclusions?: NullableOption; + // Specifies the users or groups to be included in this policy scope. Often set to tenantScope for 'All users'. + inclusions?: ScopeBase[]; +} +export interface PolicyLocation { + /** + * The actual value representing the location. Location value is specific for concretetype of the policyLocation - + * policyLocationDomain, policyLocationUrl, or policyLocationApplication (for example, 'contoso.com', + * 'https://partner.contoso.com/upload', '83ef198a-0396-4893-9d4f-d36efbffcaaa'). + */ + value?: string; +} +// tslint:disable-next-line: no-empty-interface +export interface PolicyLocationApplication extends PolicyLocation {} +// tslint:disable-next-line: no-empty-interface +export interface PolicyLocationDomain extends PolicyLocation {} +// tslint:disable-next-line: no-empty-interface +export interface PolicyLocationUrl extends PolicyLocation {} +export interface PolicyScopeBase { + /** + * Flags specifying the user activities the calling application supports or is interested. Possible values are none, + * uploadText, uploadFile, downloadText, downloadFile, unknownFutureValue. Required. This object is a multi-valued + * enumeration. + */ + activities?: UserActivityTypes; + /** + * Specifies how the policy should be executed. Possible values are evaluateInline, evaluateOffline, unknownFutureValue. + * Required. + */ + executionMode?: ExecutionMode; + // The locations (like domains or URLs) to be protected. Required. + locations?: PolicyLocation[]; + // The enforcement actions to take if the policy conditions are met within this scope. Required. + policyActions?: DlpActionInfo[]; +} +export interface PolicyTenantScope extends PolicyScopeBase { + // Specifies the users and groups included in or excluded from this tenant-level policy scope. + policyScope?: NullableOption; +} +// tslint:disable-next-line: no-empty-interface +export interface PolicyUserScope extends PolicyScopeBase {} export interface PositiveReinforcementNotification extends BaseEndUserNotification { // Delivery preference. Possible values are: unknown, deliverImmedietly, deliverAfterCampaignEnd, unknownFutureValue. deliveryPreference?: NullableOption; @@ -29677,6 +30191,114 @@ export interface Process { // The Process ID (PID) of the process. processId?: NullableOption; } +export interface ProcessContentBatchRequest { + // The actual content processing request details, including content metadata, activity, device, and app info. + contentToProcess?: ProcessContentRequest; + // A unique identifier provided by the client to correlate this specific request item within the batch. + requestId?: NullableOption; + // The unique identifier (Object ID or UPN) of the user in whose context the content should be processed. + userId?: NullableOption; +} +export interface ProcessContentMetadataBase { + /** + * Represents the actual content, either as text (textContent) or binary data (binaryContent). Optional if metadata alone + * is sufficient for policy evaluation. Do not use for contentActivities. + */ + content?: NullableOption; + /** + * An identifier used to group multiple related content entries (for example, different parts of the same file upload, + * messages in a conversation). + */ + correlationId?: NullableOption; + /** + * Required. Timestamp indicating when the original content was created (for example, file creation time, message sent + * time). + */ + createdDateTime?: string; + /** + * Required. A unique identifier for this specific content entry within the context of the calling application or + * enforcement plane (for example, message ID, file path/URL). + */ + identifier?: string; + /** + * Required. Indicates if the provided content has been truncated from its original form (for example, due to size + * limits). + */ + isTruncated?: boolean; + // The length of the original content in bytes. + length?: NullableOption; + /** + * Required. Timestamp indicating when the original content was last modified. For ephemeral content like messages, this + * might be the same as createdDateTime. + */ + modifiedDateTime?: string; + // Required. A descriptive name for the content (for example, file name, web page title, 'Chat Message'). + name?: string; + /** + * A sequence number indicating the order in which content was generated or should be processed, required when + * correlationId is used. + */ + sequenceNumber?: NullableOption; +} +export interface ProcessContentRequest { + // Metadata about the user activity (like upload, download) and location (URL). Required. + activityMetadata?: ActivityMetadata; + /** + * A collection of content entries to be processed. Each entry contains the content itself and its metadata. Use + * conversation metadata for content like prompts and responses and file metadata for files. Required. + */ + contentEntries?: ProcessContentMetadataBase[]; + // Metadata about the device from which the content originates. Required. + deviceMetadata?: DeviceMetadata; + // Metadata about the integrated application making the request. Required. + integratedAppMetadata?: IntegratedApplicationMetadata; + // Metadata about the protected application making the request. Required. + protectedAppMetadata?: NullableOption; +} +export interface ProcessContentResponse { + /** + * A collection of policy actions (like DLP actions) triggered by the processed content. NOTE: Currently, the only policy + * action supported in for this resource type is restrictAccess. + */ + policyActions?: DlpActionInfo[]; + // A collection of errors encountered during the content processing. + processingErrors?: ProcessingError[]; + /** + * Indicates if the applicable protection scope (policies) has changed since the last known state for the context. + * Possible values are modified and notModified. + */ + protectionScopeState?: ProtectionScopeState; +} +export interface ProcessContentResponses { + // The unique identifier that matches the requestId provided in the corresponding processContentBatchRequest. + requestId?: NullableOption; + // The outcome of processing the content associated with this requestId. Required. + results?: ProcessContentResponse; +} +export interface ProcessConversationMetadata extends ProcessContentMetadataBase { + /** + * List of resources (for example, file URLs, web URLs) accessed during the generation of this message (relevant for bot + * interactions). + */ + accessedResources?: NullableOption; + // Identifier of the parent message in a threaded conversation, if applicable. + parentMessageId?: NullableOption; + // List of plugins used during the generation of this message (relevant for AI/bot interactions). + plugins?: NullableOption; +} +export interface ProcessFileMetadata extends ProcessContentMetadataBase { + // A dictionary containing custom metadata associated with the file, potentially extracted by the calling application. + customProperties?: NullableOption; + // The unique identifier (for example, Entra User ID or UPN) of the owner of the file. + ownerId?: NullableOption; +} +export interface ProcessingError extends ClassificationError { + /** + * Indicates whether the error is considered transient (potentially resolvable by retry) or permanent. Possible values are + * transient, permanent, unknownFutureValue. Inherits from classificationError. + */ + errorType?: ContentProcessingErrorType; +} export interface ProfileCardAnnotation { /** * If present, the value of this field is used by the profile card as the default property label in the experience (for @@ -29692,6 +30314,18 @@ export interface ProfileCardAnnotation { } // tslint:disable-next-line: no-empty-interface export interface Prompt {} +export interface ProtectedApplicationMetadata extends IntegratedApplicationMetadata { + // The client (application) ID of the Microsoft Entra application. Required. + applicationLocation?: NullableOption; +} +export interface ProtectedContent { + // The content id + cid?: NullableOption; + // The content format. + format?: NullableOption; + // The unique identifier for the sensitivity label applied to the content. + labelId?: string; +} export interface ProvisionChannelEmailResult { // Represents the provisioned email address. email?: NullableOption; @@ -30239,6 +30873,12 @@ export interface RestorePointSearchResult { artifactHitCount?: NullableOption; restorePoint?: NullableOption; } +// tslint:disable-next-line: no-empty-interface +export interface RestrictAccessAction extends RestrictAccessActionBase {} +export interface RestrictAccessActionBase extends DlpActionInfo { + // Action for the app to take. The possible values are: warn, audit, block. + restrictionAction?: NullableOption; +} export interface ResultInfo { // The result code. code?: number; @@ -30415,6 +31055,10 @@ export interface ScheduleItem { // The corresponding event's subject line. Optional. subject?: NullableOption; } +export interface ScopeBase { + // The identifier for the scope. This could be a user ID, group ID, or a keyword like 'All' for tenant scope. + identity?: NullableOption; +} export interface ScoredEmailAddress { // The email address. address?: NullableOption; @@ -30548,9 +31192,9 @@ export interface SearchRequest { /** * Contains the fields to be returned for each resource object specified in entityTypes, allowing customization of the * fields returned by default; otherwise, including additional fields such as custom managed properties from SharePoint - * and OneDrive, or custom fields in externalItem from the content that Microsoft Graph connectors bring in. The fields - * property can use the semantic labels applied to properties. For example, if a property is labeled as title, you can - * retrieve it using the following syntax: label_title. Optional. + * and OneDrive, or custom fields in externalItem from the content that Microsoft 365 Copilot connectors bring in. The + * fields property can use the semantic labels applied to properties. For example, if a property is labeled as title, you + * can retrieve it using the following syntax: label_title. Optional. */ fields?: NullableOption; // Specifies the offset for the search results. Offset 0 returns the very first result. Optional. @@ -30617,6 +31261,8 @@ export interface SecureScoreControlStateUpdate { // Time at which the control state was updated. updatedDateTime?: NullableOption; } +// tslint:disable-next-line: no-empty-interface +export interface SecureSignInSessionControl extends ConditionalAccessSessionControl {} export interface SecurityResource { // Name of the resource that is related to current alert. Required. resource?: NullableOption; @@ -31884,6 +32530,8 @@ export interface TenantInformation { // Unique identifier of a Microsoft Entra tenant. tenantId?: string; } +// tslint:disable-next-line: no-empty-interface +export interface TenantScope extends ScopeBase {} export interface TermColumn { // Specifies whether the column allows more than one value. allowMultipleValues?: NullableOption; @@ -31916,6 +32564,10 @@ export interface TextColumn { // The type of text being stored. Must be one of plain or richText textType?: NullableOption; } +export interface TextContent extends ContentBase { + // The text content data. Inherits properties from contentBase. + data?: string; +} export interface Thumbnail { // The content stream for the thumbnail. content?: NullableOption; @@ -32147,8 +32799,8 @@ export interface UpdateWindowsDeviceAccountActionParameter { } export interface UploadSession { /** - * The date and time in UTC that the upload session will expire. The complete file must be uploaded before this expiration - * time is reached. + * The date and time in UTC that the upload session expires. The complete file must be uploaded before this expiration + * time is reached. Each fragment uploaded during the session extends the expiration time. */ expirationDateTime?: NullableOption; /** @@ -32333,6 +32985,8 @@ export interface UserRegistrationMethodSummary { // User type. Possible values are: all, member, guest, unknownFutureValue. userTypes?: NullableOption; } +// tslint:disable-next-line: no-empty-interface +export interface UserScope extends ScopeBase {} export interface UserSecurityState { // AAD User object identifier (GUID) - represents the physical/multi-account user entity. aadUserId?: NullableOption; @@ -33149,27 +33803,27 @@ export interface WorkbookSortField { sortOn?: string; } export interface WorkbookWorksheetProtectionOptions { - // Represents the worksheet protection option of allowing using auto filter feature. + // Indicates whether the worksheet protection option to allow the use of the autofilter feature is enabled. allowAutoFilter?: boolean; - // Represents the worksheet protection option of allowing deleting columns. + // Indicates whether the worksheet protection option to allow deleting columns is enabled. allowDeleteColumns?: boolean; - // Represents the worksheet protection option of allowing deleting rows. + // Indicates whether the worksheet protection option to allow deleting rows is enabled. allowDeleteRows?: boolean; - // Represents the worksheet protection option of allowing formatting cells. + // Indicates whether the worksheet protection option to allow formatting cells is enabled. allowFormatCells?: boolean; - // Represents the worksheet protection option of allowing formatting columns. + // Indicates whether the worksheet protection option to allow formatting columns is enabled. allowFormatColumns?: boolean; - // Represents the worksheet protection option of allowing formatting rows. + // Indicates whether the worksheet protection option to allow formatting rows is enabled. allowFormatRows?: boolean; - // Represents the worksheet protection option of allowing inserting columns. + // Indicates whether the worksheet protection option to allow inserting columns is enabled. allowInsertColumns?: boolean; - // Represents the worksheet protection option of allowing inserting hyperlinks. + // Indicates whether the worksheet protection option to allow inserting hyperlinks is enabled. allowInsertHyperlinks?: boolean; - // Represents the worksheet protection option of allowing inserting rows. + // Indicates whether the worksheet protection option to allow inserting rows is enabled. allowInsertRows?: boolean; - // Represents the worksheet protection option of allowing using pivot table feature. + // Indicates whether the worksheet protection option to allow the use of the pivot table feature is enabled. allowPivotTables?: boolean; - // Represents the worksheet protection option of allowing using sort feature. + // Indicates whether the worksheet protection option to allow the use of the sort feature is enabled. allowSort?: boolean; } export interface WorkforceIntegrationEncryption { @@ -34816,7 +35470,7 @@ export namespace Partners.Billing { manifests?: NullableOption; // Represents an operation to export the billing data of a partner. operations?: NullableOption; - // Represents details for billed invoice reconciliation data. + // Represents details for billed and unbilled invoice reconciliation data. reconciliation?: BillingReconciliation; // Represents details for billed and unbilled Azure usage data. usage?: AzureUsage; @@ -34824,6 +35478,8 @@ export namespace Partners.Billing { interface BillingReconciliation extends microsoftgraph.Entity { // Represents details for billed invoice reconciliation data. billed?: BilledReconciliation; + // Represents details for unbilled invoice reconciliation data. + unbilled?: UnbilledReconciliation; } interface ExportSuccessOperation extends Operation { // Metadata for the exported files. @@ -34880,6 +35536,8 @@ export namespace Partners.Billing { } // tslint:disable-next-line: no-empty-interface interface RunningOperation extends Operation {} +// tslint:disable-next-line: no-empty-interface + interface UnbilledReconciliation extends microsoftgraph.Entity {} // tslint:disable-next-line: no-empty-interface interface UnbilledUsage extends microsoftgraph.Entity {} interface Blob { @@ -35045,7 +35703,16 @@ export namespace Search { } export namespace SecurityNamespace { type ActionAfterRetentionPeriod = "none" | "delete" | "startDispositionReview" | "relabel" | "unknownFutureValue"; - type AdditionalDataOptions = "allVersions" | "linkedFiles" | "unknownFutureValue"; + type AdditionalDataOptions = + | "allVersions" + | "linkedFiles" + | "unknownFutureValue" + | "advancedIndexing" + | "listAttachments" + | "htmlTranscripts" + | "messageConversationExpansion" + | "locationsWithoutHits" + | "allItemsInFolder"; type AdditionalOptions = | "none" | "teamsAndYammerConversations" @@ -35053,7 +35720,15 @@ export namespace SecurityNamespace { | "allDocumentVersions" | "subfolderContents" | "listAttachments" - | "unknownFutureValue"; + | "unknownFutureValue" + | "htmlTranscripts" + | "advancedIndexing" + | "allItemsInFolder" + | "includeFolderAndPath" + | "condensePaths" + | "friendlyName" + | "splitSource" + | "includeReport"; type AlertClassification = | "unknown" | "falsePositive" @@ -35080,6 +35755,309 @@ export namespace SecurityNamespace { type AlertSeverity = "unknown" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; type AlertStatus = "unknown" | "new" | "inProgress" | "resolved" | "unknownFutureValue"; type AntispamTeamsDirection = "unknown" | "inbound" | "outbound" | "intraorg" | "unknownFutureValue"; + type AuditLogQueryStatus = "notStarted" | "running" | "succeeded" | "failed" | "cancelled" | "unknownFutureValue"; + type AuditLogRecordType = + | "ExchangeAdmin" + | "ExchangeItem" + | "ExchangeItemGroup" + | "SharePoint" + | "SyntheticProbe" + | "SharePointFileOperation" + | "OneDrive" + | "AzureActiveDirectory" + | "AzureActiveDirectoryAccountLogon" + | "DataCenterSecurityCmdlet" + | "ComplianceDLPSharePoint" + | "Sway" + | "ComplianceDLPExchange" + | "SharePointSharingOperation" + | "AzureActiveDirectoryStsLogon" + | "SkypeForBusinessPSTNUsage" + | "SkypeForBusinessUsersBlocked" + | "SecurityComplianceCenterEOPCmdlet" + | "ExchangeAggregatedOperation" + | "PowerBIAudit" + | "CRM" + | "Yammer" + | "SkypeForBusinessCmdlets" + | "Discovery" + | "MicrosoftTeams" + | "ThreatIntelligence" + | "MailSubmission" + | "MicrosoftFlow" + | "AeD" + | "MicrosoftStream" + | "ComplianceDLPSharePointClassification" + | "ThreatFinder" + | "Project" + | "SharePointListOperation" + | "SharePointCommentOperation" + | "DataGovernance" + | "Kaizala" + | "SecurityComplianceAlerts" + | "ThreatIntelligenceUrl" + | "SecurityComplianceInsights" + | "MIPLabel" + | "WorkplaceAnalytics" + | "PowerAppsApp" + | "PowerAppsPlan" + | "ThreatIntelligenceAtpContent" + | "LabelContentExplorer" + | "TeamsHealthcare" + | "ExchangeItemAggregated" + | "HygieneEvent" + | "DataInsightsRestApiAudit" + | "InformationBarrierPolicyApplication" + | "SharePointListItemOperation" + | "SharePointContentTypeOperation" + | "SharePointFieldOperation" + | "MicrosoftTeamsAdmin" + | "HRSignal" + | "MicrosoftTeamsDevice" + | "MicrosoftTeamsAnalytics" + | "InformationWorkerProtection" + | "Campaign" + | "DLPEndpoint" + | "AirInvestigation" + | "Quarantine" + | "MicrosoftForms" + | "ApplicationAudit" + | "ComplianceSupervisionExchange" + | "CustomerKeyServiceEncryption" + | "OfficeNative" + | "MipAutoLabelSharePointItem" + | "MipAutoLabelSharePointPolicyLocation" + | "MicrosoftTeamsShifts" + | "SecureScore" + | "MipAutoLabelExchangeItem" + | "CortanaBriefing" + | "Search" + | "WDATPAlerts" + | "PowerPlatformAdminDlp" + | "PowerPlatformAdminEnvironment" + | "MDATPAudit" + | "SensitivityLabelPolicyMatch" + | "SensitivityLabelAction" + | "SensitivityLabeledFileAction" + | "AttackSim" + | "AirManualInvestigation" + | "SecurityComplianceRBAC" + | "UserTraining" + | "AirAdminActionInvestigation" + | "MSTIC" + | "PhysicalBadgingSignal" + | "TeamsEasyApprovals" + | "AipDiscover" + | "AipSensitivityLabelAction" + | "AipProtectionAction" + | "AipFileDeleted" + | "AipHeartBeat" + | "MCASAlerts" + | "OnPremisesFileShareScannerDlp" + | "OnPremisesSharePointScannerDlp" + | "ExchangeSearch" + | "SharePointSearch" + | "PrivacyDataMinimization" + | "LabelAnalyticsAggregate" + | "MyAnalyticsSettings" + | "SecurityComplianceUserChange" + | "ComplianceDLPExchangeClassification" + | "ComplianceDLPEndpoint" + | "MipExactDataMatch" + | "MSDEResponseActions" + | "MSDEGeneralSettings" + | "MSDEIndicatorsSettings" + | "MS365DCustomDetection" + | "MSDERolesSettings" + | "MAPGAlerts" + | "MAPGPolicy" + | "MAPGRemediation" + | "PrivacyRemediationAction" + | "PrivacyDigestEmail" + | "MipAutoLabelSimulationProgress" + | "MipAutoLabelSimulationCompletion" + | "MipAutoLabelProgressFeedback" + | "DlpSensitiveInformationType" + | "MipAutoLabelSimulationStatistics" + | "LargeContentMetadata" + | "Microsoft365Group" + | "CDPMlInferencingResult" + | "FilteringMailMetadata" + | "CDPClassificationMailItem" + | "CDPClassificationDocument" + | "OfficeScriptsRunAction" + | "FilteringPostMailDeliveryAction" + | "CDPUnifiedFeedback" + | "TenantAllowBlockList" + | "ConsumptionResource" + | "HealthcareSignal" + | "DlpImportResult" + | "CDPCompliancePolicyExecution" + | "MultiStageDisposition" + | "PrivacyDataMatch" + | "FilteringDocMetadata" + | "FilteringEmailFeatures" + | "PowerBIDlp" + | "FilteringUrlInfo" + | "FilteringAttachmentInfo" + | "CoreReportingSettings" + | "ComplianceConnector" + | "PowerPlatformLockboxResourceAccessRequest" + | "PowerPlatformLockboxResourceCommand" + | "CDPPredictiveCodingLabel" + | "CDPCompliancePolicyUserFeedback" + | "WebpageActivityEndpoint" + | "OMEPortal" + | "CMImprovementActionChange" + | "FilteringUrlClick" + | "MipLabelAnalyticsAuditRecord" + | "FilteringEntityEvent" + | "FilteringRuleHits" + | "FilteringMailSubmission" + | "LabelExplorer" + | "MicrosoftManagedServicePlatform" + | "PowerPlatformServiceActivity" + | "ScorePlatformGenericAuditRecord" + | "FilteringTimeTravelDocMetadata" + | "Alert" + | "AlertStatus" + | "AlertIncident" + | "IncidentStatus" + | "Case" + | "CaseInvestigation" + | "RecordsManagement" + | "PrivacyRemediation" + | "DataShareOperation" + | "CdpDlpSensitive" + | "EHRConnector" + | "FilteringMailGradingResult" + | "PublicFolder" + | "PrivacyTenantAuditHistoryRecord" + | "AipScannerDiscoverEvent" + | "EduDataLakeDownloadOperation" + | "M365ComplianceConnector" + | "MicrosoftGraphDataConnectOperation" + | "MicrosoftPurview" + | "FilteringEmailContentFeatures" + | "PowerPagesSite" + | "PowerAppsResource" + | "PlannerPlan" + | "PlannerCopyPlan" + | "PlannerTask" + | "PlannerRoster" + | "PlannerPlanList" + | "PlannerTaskList" + | "PlannerTenantSettings" + | "ProjectForTheWebProject" + | "ProjectForTheWebTask" + | "ProjectForTheWebRoadmap" + | "ProjectForTheWebRoadmapItem" + | "ProjectForTheWebProjectSettings" + | "ProjectForTheWebRoadmapSettings" + | "QuarantineMetadata" + | "MicrosoftTodoAudit" + | "TimeTravelFilteringDocMetadata" + | "TeamsQuarantineMetadata" + | "SharePointAppPermissionOperation" + | "MicrosoftTeamsSensitivityLabelAction" + | "FilteringTeamsMetadata" + | "FilteringTeamsUrlInfo" + | "FilteringTeamsPostDeliveryAction" + | "MDCAssessments" + | "MDCRegulatoryComplianceStandards" + | "MDCRegulatoryComplianceControls" + | "MDCRegulatoryComplianceAssessments" + | "MDCSecurityConnectors" + | "MDADataSecuritySignal" + | "VivaGoals" + | "FilteringRuntimeInfo" + | "AttackSimAdmin" + | "MicrosoftGraphDataConnectConsent" + | "FilteringAtpDetonationInfo" + | "PrivacyPortal" + | "ManagedTenants" + | "UnifiedSimulationMatchedItem" + | "UnifiedSimulationSummary" + | "UpdateQuarantineMetadata" + | "MS365DSuppressionRule" + | "PurviewDataMapOperation" + | "FilteringUrlPostClickAction" + | "IrmUserDefinedDetectionSignal" + | "TeamsUpdates" + | "PlannerRosterSensitivityLabel" + | "MS365DIncident" + | "FilteringDelistingMetadata" + | "ComplianceDLPSharePointClassificationExtended" + | "MicrosoftDefenderForIdentityAudit" + | "SupervisoryReviewDayXInsight" + | "DefenderExpertsforXDRAdmin" + | "CDPEdgeBlockedMessage" + | "HostedRpa" + | "CdpContentExplorerAggregateRecord" + | "CDPHygieneAttachmentInfo" + | "CDPHygieneSummary" + | "CDPPostMailDeliveryAction" + | "CDPEmailFeatures" + | "CDPHygieneUrlInfo" + | "CDPUrlClick" + | "CDPPackageManagerHygieneEvent" + | "FilteringDocScan" + | "TimeTravelFilteringDocScan" + | "MAPGOnboard" + | "VfamCreatePolicy" + | "VfamUpdatePolicy" + | "VfamDeletePolicy" + | "M365DAAD" + | "CdpColdCrawlStatus" + | "PowerPlatformAdministratorActivity" + | "Windows365CustomerLockbox" + | "CdpResourceScopeChangeEvent" + | "ComplianceCCExchangeExecutionResult" + | "CdpOcrCostEstimatorRecord" + | "CopilotInteraction" + | "CdpOcrBillingRecord" + | "ComplianceDLPApplications" + | "UAMOperation" + | "VivaLearning" + | "VivaLearningAdmin" + | "PurviewPolicyOperation" + | "PurviewMetadataPolicyOperation" + | "PeopleAdminSettings" + | "CdpComplianceDLPExchangeClassification" + | "CdpComplianceDLPSharePointClassification" + | "FilteringBulkSenderInsightData" + | "FilteringBulkThresholdInsightData" + | "PrivacyOpenAccess" + | "OWAAuth" + | "ComplianceDLPApplicationsClassification" + | "SharePointESignature" + | "Dynamics365BusinessCentral" + | "MeshWorlds" + | "VivaPulseResponse" + | "VivaPulseOrganizer" + | "VivaPulseAdmin" + | "VivaPulseReport" + | "AIAppInteraction" + | "ComplianceDLMExchange" + | "ComplianceDLMSharePoint" + | "ProjectForTheWebAssignedToMeSettings" + | "CPSOperation" + | "ComplianceDLPExchangeDiscovery" + | "PurviewMCRecommendation" + | "unknownFutureValue"; + type AuditLogUserType = + | "Regular" + | "Reserved" + | "Admin" + | "DcAdmin" + | "System" + | "Application" + | "ServicePrincipal" + | "CustomPolicy" + | "SystemPolicy" + | "PartnerTechnician" + | "Guest" + | "unknownFutureValue"; type BehaviorDuringRetentionPeriod = | "doNotRetain" | "retain" @@ -35115,6 +36093,7 @@ export namespace SecurityNamespace { | "closedWithError" | "unknownFutureValue"; type ChildSelectability = "One" | "Many" | "unknownFutureValue"; + type CloudAttachmentVersion = "latest" | "recent10" | "recent100" | "all" | "unknownFutureValue"; type ContainerPortProtocol = "udp" | "tcp" | "sctp" | "unknownFutureValue"; type ContentFormat = "text" | "html" | "markdown" | "unknownFutureValue"; type DataSourceContainerStatus = "active" | "released" | "unknownFutureValue"; @@ -35182,6 +36161,7 @@ export namespace SecurityNamespace { | "microsoftDefenderThreatIntelligenceAnalytics" | "builtInMl" | "microsoftInsiderRiskManagement" + | "microsoftThreatIntelligence" | "microsoftSentinel"; type DetectionStatus = "detected" | "blocked" | "prevented" | "unknownFutureValue"; type DeviceHealthStatus = @@ -35193,6 +36173,7 @@ export namespace SecurityNamespace { | "unknown" | "unknownFutureValue"; type DeviceRiskScore = "none" | "informational" | "low" | "medium" | "high" | "unknownFutureValue"; + type DocumentVersion = "latest" | "recent10" | "recent100" | "all" | "unknownFutureValue"; type EventPropagationStatus = "none" | "inProcessing" | "failed" | "success" | "unknownFutureValue"; type EventStatusType = "pending" | "error" | "success" | "notAvaliable" | "unknownFutureValue"; type EvidenceRemediationStatus = @@ -35227,10 +36208,19 @@ export namespace SecurityNamespace { | "unknownFutureValue"; type EvidenceVerdict = "unknown" | "suspicious" | "malicious" | "noThreatsFound" | "unknownFutureValue"; type ExportCriteria = "searchHits" | "partiallyIndexed" | "unknownFutureValue"; - type ExportFileStructure = "none" | "directory" | "pst" | "unknownFutureValue"; + type ExportFileStructure = "none" | "directory" | "pst" | "unknownFutureValue" | "msg"; type ExportFormat = "pst" | "msg" | "eml" | "unknownFutureValue"; type ExportLocation = "responsiveLocations" | "nonresponsiveLocations" | "unknownFutureValue"; - type ExportOptions = "originalFiles" | "text" | "pdfReplacement" | "tags" | "unknownFutureValue"; + type ExportOptions = + | "originalFiles" + | "text" + | "pdfReplacement" + | "tags" + | "unknownFutureValue" + | "splitSource" + | "includeFolderAndPath" + | "friendlyName" + | "condensePaths"; type FileHashAlgorithm = "unknown" | "md5" | "sha1" | "sha256" | "sha256ac" | "unknownFutureValue"; type GoogleCloudLocationType = "unknown" | "regional" | "zonal" | "global" | "unknownFutureValue"; type HealthIssueSeverity = "low" | "medium" | "high" | "unknownFutureValue"; @@ -35244,6 +36234,7 @@ export namespace SecurityNamespace { type IndicatorSource = "microsoft" | "osint" | "public" | "unknownFutureValue"; type IntelligenceProfileKind = "actor" | "tool" | "unknownFutureValue"; type IoTDeviceImportanceType = "unknown" | "low" | "normal" | "high" | "unknownFutureValue"; + type ItemsToInclude = "searchHits" | "partiallyIndexed" | "unknownFutureValue"; type KubernetesPlatform = "unknown" | "aks" | "eks" | "gke" | "arc" | "unknownFutureValue"; type KubernetesServiceType = | "unknown" @@ -35287,8 +36278,16 @@ export namespace SecurityNamespace { | "unknownFutureValue" | "microsoftDefenderForCloud" | "microsoftSentinel" - | "microsoftInsiderRiskManagement"; + | "microsoftInsiderRiskManagement" + | "microsoftThreatIntelligence"; type SourceType = "mailbox" | "site" | "unknownFutureValue"; + type StatisticsOptions = + | "includeRefiners" + | "includeQueryStats" + | "includeUnindexedStats" + | "advancedIndexing" + | "locationsWithoutHits" + | "unknownFutureValue"; type TeamsDeliveryLocation = "unknown" | "teams" | "quarantine" | "failed" | "unknownFutureValue"; type TeamsMessageDeliveryAction = | "unknown" @@ -35334,6 +36333,7 @@ export namespace SecurityNamespace { comments?: NullableOption; // Time when Microsoft 365 Defender created the alert. createdDateTime?: NullableOption; + // User defined custom fields with string values. customDetails?: NullableOption; // String value describing each alert. description?: NullableOption; @@ -35346,12 +36346,13 @@ export namespace SecurityNamespace { * microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, * microsoftDefenderForNetwork, microsoftDefenderForAppService, microsoftDefenderForKeyVault, * microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, - * microsoftDefenderThreatIntelligenceAnalytics, builtInMl. Use the Prefer: include-unknown-enum-members request header to - * get the following value(s) in this evolvable enum: microsoftDefenderForCloud, microsoftDefenderForIoT, - * microsoftDefenderForServers, microsoftDefenderForStorage, microsoftDefenderForDNS, microsoftDefenderForDatabases, - * microsoftDefenderForContainers, microsoftDefenderForNetwork, microsoftDefenderForAppService, - * microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, microsoftDefenderForApiManagement, - * microsoftSentinel, nrtAlerts, scheduledAlerts, microsoftDefenderThreatIntelligenceAnalytics, builtInMl. + * microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence. Use the Prefer: + * include-unknown-enum-members request header to get the following values in this evolvable enum: + * microsoftDefenderForCloud, microsoftDefenderForIoT, microsoftDefenderForServers, microsoftDefenderForStorage, + * microsoftDefenderForDNS, microsoftDefenderForDatabases, microsoftDefenderForContainers, microsoftDefenderForNetwork, + * microsoftDefenderForAppService, microsoftDefenderForKeyVault, microsoftDefenderForResourceManager, + * microsoftDefenderForApiManagement, microsoftSentinel, nrtAlerts, scheduledAlerts, + * microsoftDefenderThreatIntelligenceAnalytics, builtInMl, microsoftThreatIntelligence. */ detectionSource?: NullableOption; // The ID of the detector that triggered the alert. @@ -35389,8 +36390,8 @@ export namespace SecurityNamespace { * The service or product that created this alert. Possible values are: unknown, microsoftDefenderForEndpoint, * microsoftDefenderForIdentity, microsoftDefenderForCloudApps, microsoftDefenderForOffice365, microsoft365Defender, * azureAdIdentityProtection, microsoftAppGovernance, dataLossPrevention, unknownFutureValue, microsoftDefenderForCloud, - * microsoftSentinel. Use the Prefer: include-unknown-enum-members request header to get the following value(s) in this - * evolvable enum: microsoftDefenderForCloud, microsoftSentinel. + * microsoftSentinel, microsoftThreatIntelligence. Use the Prefer: include-unknown-enum-members request header to get the + * following values in this evolvable enum: microsoftDefenderForCloud, microsoftSentinel, microsoftThreatIntelligence. */ serviceSource?: ServiceSource; /** @@ -35442,6 +36443,198 @@ export namespace SecurityNamespace { interface ArticleIndicator extends Indicator {} // tslint:disable-next-line: no-empty-interface interface Artifact extends microsoftgraph.Entity {} + interface AuditCoreRoot extends microsoftgraph.Entity { + queries?: NullableOption; + } + interface AuditLogQuery extends microsoftgraph.Entity { + // The administrative units tagged to an audit log record. + administrativeUnitIdFilters?: NullableOption; + // The display name of the saved audit log query. + displayName?: NullableOption; + // The end date of the date range in the query. + filterEndDateTime?: NullableOption; + // The start date of the date range in the query. + filterStartDateTime?: NullableOption; + // The IP address of the device that was used when the activity was logged. + ipAddressFilters?: NullableOption; + // Free text field to search non-indexed properties of the audit log. + keywordFilter?: NullableOption; + /** + * For SharePoint and OneDrive for Business activity, the full path name of the file or folder accessed by the user. For + * Exchange admin audit logging, the name of the object that was modified by the cmdlet. + */ + objectIdFilters?: NullableOption; + /** + * The name of the user or admin activity. For a description of the most common operations/activities, see Search the + * audit log in the Office 365 Protection Center. + */ + operationFilters?: NullableOption; + /** + * The type of operation indicated by the record. The possible values are: exchangeAdmin, exchangeItem, exchangeItemGroup, + * sharePoint, syntheticProbe, sharePointFileOperation, oneDrive, azureActiveDirectory, azureActiveDirectoryAccountLogon, + * dataCenterSecurityCmdlet, complianceDLPSharePoint, sway, complianceDLPExchange, sharePointSharingOperation, + * azureActiveDirectoryStsLogon, skypeForBusinessPSTNUsage, skypeForBusinessUsersBlocked, + * securityComplianceCenterEOPCmdlet, exchangeAggregatedOperation, powerBIAudit, crm, yammer, skypeForBusinessCmdlets, + * discovery, microsoftTeams, threatIntelligence, mailSubmission, microsoftFlow, aeD, microsoftStream, + * complianceDLPSharePointClassification, threatFinder, project, sharePointListOperation, sharePointCommentOperation, + * dataGovernance, kaizala, securityComplianceAlerts, threatIntelligenceUrl, securityComplianceInsights, mipLabel, + * workplaceAnalytics, powerAppsApp, powerAppsPlan, threatIntelligenceAtpContent, labelContentExplorer, teamsHealthcare, + * exchangeItemAggregated, hygieneEvent, dataInsightsRestApiAudit, informationBarrierPolicyApplication, + * sharePointListItemOperation, sharePointContentTypeOperation, sharePointFieldOperation, microsoftTeamsAdmin, hrSignal, + * microsoftTeamsDevice, microsoftTeamsAnalytics, informationWorkerProtection, campaign, dlpEndpoint, airInvestigation, + * quarantine, microsoftForms, applicationAudit, complianceSupervisionExchange, customerKeyServiceEncryption, + * officeNative, mipAutoLabelSharePointItem, mipAutoLabelSharePointPolicyLocation, microsoftTeamsShifts, secureScore, + * mipAutoLabelExchangeItem, cortanaBriefing, search, wdatpAlerts, powerPlatformAdminDlp, powerPlatformAdminEnvironment, + * mdatpAudit, sensitivityLabelPolicyMatch, sensitivityLabelAction, sensitivityLabeledFileAction, attackSim, + * airManualInvestigation, securityComplianceRBAC, userTraining, airAdminActionInvestigation, mstic, + * physicalBadgingSignal, teamsEasyApprovals, aipDiscover, aipSensitivityLabelAction, aipProtectionAction, aipFileDeleted, + * aipHeartBeat, mcasAlerts, onPremisesFileShareScannerDlp, onPremisesSharePointScannerDlp, exchangeSearch, + * sharePointSearch, privacyDataMinimization, labelAnalyticsAggregate, myAnalyticsSettings, securityComplianceUserChange, + * complianceDLPExchangeClassification, complianceDLPEndpoint, mipExactDataMatch, msdeResponseActions, + * msdeGeneralSettings, msdeIndicatorsSettings, ms365DCustomDetection, msdeRolesSettings, mapgAlerts, mapgPolicy, + * mapgRemediation, privacyRemediationAction, privacyDigestEmail, mipAutoLabelSimulationProgress, + * mipAutoLabelSimulationCompletion, mipAutoLabelProgressFeedback, dlpSensitiveInformationType, + * mipAutoLabelSimulationStatistics, largeContentMetadata, microsoft365Group, cdpMlInferencingResult, + * filteringMailMetadata, cdpClassificationMailItem, cdpClassificationDocument, officeScriptsRunAction, + * filteringPostMailDeliveryAction, cdpUnifiedFeedback, tenantAllowBlockList, consumptionResource, healthcareSignal, + * dlpImportResult, cdpCompliancePolicyExecution, multiStageDisposition, privacyDataMatch, filteringDocMetadata, + * filteringEmailFeatures, powerBIDlp, filteringUrlInfo, filteringAttachmentInfo, coreReportingSettings, + * complianceConnector, powerPlatformLockboxResourceAccessRequest, powerPlatformLockboxResourceCommand, + * cdpPredictiveCodingLabel, cdpCompliancePolicyUserFeedback, webpageActivityEndpoint, omePortal, + * cmImprovementActionChange, filteringUrlClick, mipLabelAnalyticsAuditRecord, filteringEntityEvent, filteringRuleHits, + * filteringMailSubmission, labelExplorer, microsoftManagedServicePlatform, powerPlatformServiceActivity, + * scorePlatformGenericAuditRecord, filteringTimeTravelDocMetadata, alert, alertStatus, alertIncident, incidentStatus, + * case, caseInvestigation, recordsManagement, privacyRemediation, dataShareOperation, cdpDlpSensitive, ehrConnector, + * filteringMailGradingResult, publicFolder, privacyTenantAuditHistoryRecord, aipScannerDiscoverEvent, + * eduDataLakeDownloadOperation, m365ComplianceConnector, microsoftGraphDataConnectOperation, microsoftPurview, + * filteringEmailContentFeatures, powerPagesSite, powerAppsResource, plannerPlan, plannerCopyPlan, plannerTask, + * plannerRoster, plannerPlanList, plannerTaskList, plannerTenantSettings, projectForTheWebProject, projectForTheWebTask, + * projectForTheWebRoadmap, projectForTheWebRoadmapItem, projectForTheWebProjectSettings, projectForTheWebRoadmapSettings, + * quarantineMetadata, microsoftTodoAudit, timeTravelFilteringDocMetadata, teamsQuarantineMetadata, + * sharePointAppPermissionOperation, microsoftTeamsSensitivityLabelAction, filteringTeamsMetadata, filteringTeamsUrlInfo, + * filteringTeamsPostDeliveryAction, mdcAssessments, mdcRegulatoryComplianceStandards, mdcRegulatoryComplianceControls, + * mdcRegulatoryComplianceAssessments, mdcSecurityConnectors, mdaDataSecuritySignal, vivaGoals, filteringRuntimeInfo, + * attackSimAdmin, microsoftGraphDataConnectConsent, filteringAtpDetonationInfo, privacyPortal, managedTenants, + * unifiedSimulationMatchedItem, unifiedSimulationSummary, updateQuarantineMetadata, ms365DSuppressionRule, + * purviewDataMapOperation, filteringUrlPostClickAction, irmUserDefinedDetectionSignal, teamsUpdates, + * plannerRosterSensitivityLabel, ms365DIncident, filteringDelistingMetadata, + * complianceDLPSharePointClassificationExtended, microsoftDefenderForIdentityAudit, supervisoryReviewDayXInsight, + * defenderExpertsforXDRAdmin, cdpEdgeBlockedMessage, hostedRpa, cdpContentExplorerAggregateRecord, + * cdpHygieneAttachmentInfo, cdpHygieneSummary, cdpPostMailDeliveryAction, cdpEmailFeatures, cdpHygieneUrlInfo, + * cdpUrlClick, cdpPackageManagerHygieneEvent, filteringDocScan, timeTravelFilteringDocScan, mapgOnboard, + * unknownFutureValue. + */ + recordTypeFilters?: NullableOption; + serviceFilters?: NullableOption; + /** + * Describes the current status of the query. The possible values are: notStarted, running, succeeded, failed, cancelled, + * unknownFutureValue. + */ + status?: NullableOption; + /** + * The UPN (user principal name) of the user who performed the action (specified in the operation property) that resulted + * in the record being logged; for example, myname@mydomain_name. + */ + userPrincipalNameFilters?: NullableOption; + // An individual audit log record. + records?: NullableOption; + } + interface AuditLogRecord extends microsoftgraph.Entity { + // The administrative units tagged to an audit log record. + administrativeUnits?: NullableOption; + // A JSON object that contains the actual audit log data. + auditData?: NullableOption; + /** + * The type of operation indicated by the record. The possible values are: exchangeAdmin, exchangeItem, exchangeItemGroup, + * sharePoint, syntheticProbe, sharePointFileOperation, oneDrive, azureActiveDirectory, azureActiveDirectoryAccountLogon, + * dataCenterSecurityCmdlet, complianceDLPSharePoint, sway, complianceDLPExchange, sharePointSharingOperation, + * azureActiveDirectoryStsLogon, skypeForBusinessPSTNUsage, skypeForBusinessUsersBlocked, + * securityComplianceCenterEOPCmdlet, exchangeAggregatedOperation, powerBIAudit, crm, yammer, skypeForBusinessCmdlets, + * discovery, microsoftTeams, threatIntelligence, mailSubmission, microsoftFlow, aeD, microsoftStream, + * complianceDLPSharePointClassification, threatFinder, project, sharePointListOperation, sharePointCommentOperation, + * dataGovernance, kaizala, securityComplianceAlerts, threatIntelligenceUrl, securityComplianceInsights, mipLabel, + * workplaceAnalytics, powerAppsApp, powerAppsPlan, threatIntelligenceAtpContent, labelContentExplorer, teamsHealthcare, + * exchangeItemAggregated, hygieneEvent, dataInsightsRestApiAudit, informationBarrierPolicyApplication, + * sharePointListItemOperation, sharePointContentTypeOperation, sharePointFieldOperation, microsoftTeamsAdmin, hrSignal, + * microsoftTeamsDevice, microsoftTeamsAnalytics, informationWorkerProtection, campaign, dlpEndpoint, airInvestigation, + * quarantine, microsoftForms, applicationAudit, complianceSupervisionExchange, customerKeyServiceEncryption, + * officeNative, mipAutoLabelSharePointItem, mipAutoLabelSharePointPolicyLocation, microsoftTeamsShifts, secureScore, + * mipAutoLabelExchangeItem, cortanaBriefing, search, wdatpAlerts, powerPlatformAdminDlp, powerPlatformAdminEnvironment, + * mdatpAudit, sensitivityLabelPolicyMatch, sensitivityLabelAction, sensitivityLabeledFileAction, attackSim, + * airManualInvestigation, securityComplianceRBAC, userTraining, airAdminActionInvestigation, mstic, + * physicalBadgingSignal, teamsEasyApprovals, aipDiscover, aipSensitivityLabelAction, aipProtectionAction, aipFileDeleted, + * aipHeartBeat, mcasAlerts, onPremisesFileShareScannerDlp, onPremisesSharePointScannerDlp, exchangeSearch, + * sharePointSearch, privacyDataMinimization, labelAnalyticsAggregate, myAnalyticsSettings, securityComplianceUserChange, + * complianceDLPExchangeClassification, complianceDLPEndpoint, mipExactDataMatch, msdeResponseActions, + * msdeGeneralSettings, msdeIndicatorsSettings, ms365DCustomDetection, msdeRolesSettings, mapgAlerts, mapgPolicy, + * mapgRemediation, privacyRemediationAction, privacyDigestEmail, mipAutoLabelSimulationProgress, + * mipAutoLabelSimulationCompletion, mipAutoLabelProgressFeedback, dlpSensitiveInformationType, + * mipAutoLabelSimulationStatistics, largeContentMetadata, microsoft365Group, cdpMlInferencingResult, + * filteringMailMetadata, cdpClassificationMailItem, cdpClassificationDocument, officeScriptsRunAction, + * filteringPostMailDeliveryAction, cdpUnifiedFeedback, tenantAllowBlockList, consumptionResource, healthcareSignal, + * dlpImportResult, cdpCompliancePolicyExecution, multiStageDisposition, privacyDataMatch, filteringDocMetadata, + * filteringEmailFeatures, powerBIDlp, filteringUrlInfo, filteringAttachmentInfo, coreReportingSettings, + * complianceConnector, powerPlatformLockboxResourceAccessRequest, powerPlatformLockboxResourceCommand, + * cdpPredictiveCodingLabel, cdpCompliancePolicyUserFeedback, webpageActivityEndpoint, omePortal, + * cmImprovementActionChange, filteringUrlClick, mipLabelAnalyticsAuditRecord, filteringEntityEvent, filteringRuleHits, + * filteringMailSubmission, labelExplorer, microsoftManagedServicePlatform, powerPlatformServiceActivity, + * scorePlatformGenericAuditRecord, filteringTimeTravelDocMetadata, alert, alertStatus, alertIncident, incidentStatus, + * case, caseInvestigation, recordsManagement, privacyRemediation, dataShareOperation, cdpDlpSensitive, ehrConnector, + * filteringMailGradingResult, publicFolder, privacyTenantAuditHistoryRecord, aipScannerDiscoverEvent, + * eduDataLakeDownloadOperation, m365ComplianceConnector, microsoftGraphDataConnectOperation, microsoftPurview, + * filteringEmailContentFeatures, powerPagesSite, powerAppsResource, plannerPlan, plannerCopyPlan, plannerTask, + * plannerRoster, plannerPlanList, plannerTaskList, plannerTenantSettings, projectForTheWebProject, projectForTheWebTask, + * projectForTheWebRoadmap, projectForTheWebRoadmapItem, projectForTheWebProjectSettings, projectForTheWebRoadmapSettings, + * quarantineMetadata, microsoftTodoAudit, timeTravelFilteringDocMetadata, teamsQuarantineMetadata, + * sharePointAppPermissionOperation, microsoftTeamsSensitivityLabelAction, filteringTeamsMetadata, filteringTeamsUrlInfo, + * filteringTeamsPostDeliveryAction, mdcAssessments, mdcRegulatoryComplianceStandards, mdcRegulatoryComplianceControls, + * mdcRegulatoryComplianceAssessments, mdcSecurityConnectors, mdaDataSecuritySignal, vivaGoals, filteringRuntimeInfo, + * attackSimAdmin, microsoftGraphDataConnectConsent, filteringAtpDetonationInfo, privacyPortal, managedTenants, + * unifiedSimulationMatchedItem, unifiedSimulationSummary, updateQuarantineMetadata, ms365DSuppressionRule, + * purviewDataMapOperation, filteringUrlPostClickAction, irmUserDefinedDetectionSignal, teamsUpdates, + * plannerRosterSensitivityLabel, ms365DIncident, filteringDelistingMetadata, + * complianceDLPSharePointClassificationExtended, microsoftDefenderForIdentityAudit, supervisoryReviewDayXInsight, + * defenderExpertsforXDRAdmin, cdpEdgeBlockedMessage, hostedRpa, cdpContentExplorerAggregateRecord, + * cdpHygieneAttachmentInfo, cdpHygieneSummary, cdpPostMailDeliveryAction, cdpEmailFeatures, cdpHygieneUrlInfo, + * cdpUrlClick, cdpPackageManagerHygieneEvent, filteringDocScan, timeTravelFilteringDocScan, mapgOnboard, + * unknownFutureValue. + */ + auditLogRecordType?: NullableOption; + /** + * The IP address of the device used when the activity was logged. The IP address is displayed in either an IPv4 or IPv6 + * address format. + */ + clientIp?: NullableOption; + // The date and time in UTC when the user performed the activity. + createdDateTime?: NullableOption; + /** + * For Exchange admin audit logging, the name of the object modified by the cmdlet. For SharePoint activity, the full URL + * path name of the file or folder accessed by a user. For Microsoft Entra activity, the name of the user account that was + * modified. + */ + objectId?: NullableOption; + // The name of the user or admin activity. + operation?: NullableOption; + // The GUID for your organization. + organizationId?: NullableOption; + // The Microsoft 365 service where the activity occurred. + service?: NullableOption; + /** + * The user who performed the action (specified in the Operation property) that resulted in the record being logged. Audit + * records for activity performed by system accounts (such as SHAREPOINT/system or NT AUTHORITY/SYSTEM) are also included + * in the audit log. Another common value for the UserId property is app@sharepoint. It indicates that the 'user' who + * performed the activity was an application with the necessary permissions in SharePoint to perform organization-wide + * actions (such as searching a SharePoint site or OneDrive account) on behalf of a user, admin, or service. + */ + userId?: NullableOption; + // UPN of the user who performed the action. + userPrincipalName?: NullableOption; + /** + * The type of user that performed the operation. The possible values are: regular, reserved, admin, dcAdmin, system, + * application, servicePrincipal, customPolicy, systemPolicy, partnerTechnician, guest, unknownFutureValue. + */ + userType?: NullableOption; + } // tslint:disable-next-line: no-empty-interface interface AuthorityTemplate extends FilePlanDescriptorTemplate {} interface Case extends microsoftgraph.Entity { @@ -35490,9 +36683,16 @@ export namespace SecurityNamespace { citationUrl?: NullableOption; } interface DataSet extends microsoftgraph.Entity { + // The user who created the data set. Read-only. createdBy?: NullableOption; + /** + * The date and time when the review set was created. The timestamp type represents date and time information using ISO + * 8601 format and is always in UTC. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only. + */ createdDateTime?: NullableOption; + // The description of the data set. description?: NullableOption; + // The name of the data set. The name is unique with a maximum limit of 64 characters. displayName?: NullableOption; } interface DataSource extends microsoftgraph.Entity { @@ -35530,6 +36730,10 @@ export namespace SecurityNamespace { stageNumber?: string; } interface EdiscoveryAddToReviewSetOperation extends CaseOperation { + additionalDataOptions?: NullableOption; + cloudAttachmentVersion?: NullableOption; + documentVersion?: NullableOption; + itemsToInclude?: NullableOption; // eDiscovery review set to which items matching source collection query gets added. reviewSet?: NullableOption; // eDiscovery search that gets added to review set. @@ -35591,6 +36795,7 @@ export namespace SecurityNamespace { mailboxCount?: NullableOption; // The number of mailboxes that had search hits. siteCount?: NullableOption; + statisticsOptions?: NullableOption; // The estimated count of unindexed items for the collection. unindexedItemCount?: NullableOption; // The estimated size of unindexed items for the collection. @@ -35672,10 +36877,12 @@ export namespace SecurityNamespace { * cloudAttachments, allDocumentVersions, subfolderContents, listAttachments, unknownFutureValue. */ additionalOptions?: NullableOption; + cloudAttachmentVersion?: NullableOption; // The description of the export by the user. description?: NullableOption; // The name of export provided by the user. displayName?: NullableOption; + documentVersion?: NullableOption; // Items to be included in the export. The possible values are: searchHits, partiallyIndexed, unknownFutureValue. exportCriteria?: NullableOption; // Contains the properties for an export file metadata, including downloadUrl, fileName, and size. @@ -36552,6 +37759,28 @@ export namespace SecurityNamespace { // The collection of historical records associated to this WHOIS object. history?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface AadRiskDetectionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AedAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AiAppInteractionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AipFileDeleted extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AipHeartBeat extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AipProtectionActionLogRequest extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AipScannerDiscoverEvent extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AipSensitivityLabelActionLogRequest extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AirAdminActionInvestigationData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AirInvestigationData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AirManualInvestigationData extends AuditData {} interface AlertComment { // The comment text. comment?: NullableOption; @@ -36645,6 +37874,12 @@ export namespace SecurityNamespace { // Uniform resource name (URN) of the automated investigation where the cluster was identified. urn?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface AttackSimAdminAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AuditSearchAuditRecord extends AuditData {} interface AutonomousSystem { // The name of the autonomous system. name?: string; @@ -36655,6 +37890,14 @@ export namespace SecurityNamespace { // A displayable value for these autonomous system details. value?: string; } +// tslint:disable-next-line: no-empty-interface + interface AzureActiveDirectoryAccountLogonAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AzureActiveDirectoryAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AzureActiveDirectoryBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface AzureActiveDirectoryStsLogonAuditRecord extends AuditData {} interface AzureResourceEvidence extends AlertEvidence { // The unique identifier for the Azure resource. resourceId?: NullableOption; @@ -36683,6 +37926,32 @@ export namespace SecurityNamespace { // The full URL representation of the blob. url?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface CampaignAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CaseInvestigation extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpColdCrawlStatusRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpContentExplorerAggregateRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpDlpSensitiveAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpDlpSensitiveEndpointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpLogRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpOcrBillingRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CdpResourceScopeChangeEventRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CernerSMSLinkRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CernerSMSSettingsUpdateRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CernerSMSUnlinkRecord extends AuditData {} interface CloudApplicationEvidence extends AlertEvidence { // Unique identifier of the application. appId?: NullableOption; @@ -36720,6 +37989,48 @@ export namespace SecurityNamespace { // The user agent that is used for the sign-in, if known. userAgent?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface ComplianceConnectorAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDLMExchangeAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDLMSharePointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpApplicationsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpApplicationsClassificationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpClassificationBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpClassificationBaseCdpRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpEndpointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpEndpointDiscoveryAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpExchangeAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpExchangeClassificationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpExchangeClassificationCdpRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpExchangeDiscoveryAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpSharePointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpSharePointClassificationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceDlpSharePointClassificationExtendedAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceManagerActionRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceSupervisionBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ComplianceSupervisionExchangeAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ConsumptionResourceAuditRecord extends AuditData {} interface ContainerEvidence extends AlertEvidence { // The list of arguments. args?: NullableOption; @@ -36748,6 +38059,22 @@ export namespace SecurityNamespace { // The registry URI. registry?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface CopilotInteractionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CoreReportingSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CortanaBriefingAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CpsCommonPolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CpsPolicyConfigAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CrmBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CrmEntityOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface CustomerKeyServiceEncryptionAuditRecord extends AuditData {} interface CvssSummary { // The CVSS score about this vulnerability. score?: number; @@ -36759,6 +38086,24 @@ export namespace SecurityNamespace { // The CVSS vector string for this vulnerability. vectorString?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface DataCenterSecurityBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DataCenterSecurityCmdletAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DataGovernanceAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DataInsightsRestApiAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DataLakeExportOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DataShareOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DefaultAuditData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DefenderSecurityAlertBaseRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DeleteCertificateRecord extends AuditData {} interface DeploymentAccessKeyType { // The deployment access key. deploymentAccessKey?: string; @@ -36819,14 +38164,28 @@ export namespace SecurityNamespace { } // tslint:disable-next-line: no-empty-interface interface Dictionary {} +// tslint:disable-next-line: no-empty-interface + interface DisableConsentRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DiscoveryAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DlpEndpointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DlpSensitiveInformationTypeCmdletRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface DlpSensitiveInformationTypeRulePackageCmdletRecord extends AuditData {} interface DnsEvidence extends AlertEvidence { dnsServerIp?: NullableOption; domainName?: NullableOption; hostIpAddress?: NullableOption; ipAddresses?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface DownloadCertificateRecord extends AuditData {} // tslint:disable-next-line: no-empty-interface interface DynamicColumnValue {} +// tslint:disable-next-line: no-empty-interface + interface Dynamics365BusinessCentralAuditRecord extends AuditData {} interface EmailSender { // The name of the sender. displayName?: NullableOption; @@ -36835,6 +38194,14 @@ export namespace SecurityNamespace { // Sender email address. emailAddress?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface EnableConsentRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface EpicSMSLinkRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface EpicSMSSettingsUpdateRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface EpicSMSUnlinkRecord extends AuditData {} interface EventPropagationResult { // The name of the specific location in the workload associated with the event. location?: NullableOption; @@ -36860,11 +38227,31 @@ export namespace SecurityNamespace { */ queryType?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface ExchangeAdminAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ExchangeAggregatedMailboxAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ExchangeAggregatedOperationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ExchangeMailboxAuditBaseRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ExchangeMailboxAuditGroupRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ExchangeMailboxAuditRecord extends AuditData {} interface ExportFileMetadata { downloadUrl?: NullableOption; fileName?: NullableOption; size?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface FhirBaseUrlAddRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface FhirBaseUrlApproveRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface FhirBaseUrlDeleteRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface FhirBaseUrlUpdateRecord extends AuditData {} interface FileDetails { // The name of the file. fileName?: NullableOption; @@ -36979,6 +38366,10 @@ export namespace SecurityNamespace { // The type of the resource. resourceType?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface HealthcareSignalRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface HostedRpaAuditRecord extends AuditData {} interface HostLogonSessionEvidence extends AlertEvidence { account?: NullableOption; endUtcDateTime?: NullableOption; @@ -37054,6 +38445,8 @@ export namespace SecurityNamespace { // The port number. port?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface HrSignalAuditRecord extends AuditData {} interface HuntingQueryResults { // The results of the hunting query. results?: NullableOption; @@ -37062,12 +38455,22 @@ export namespace SecurityNamespace { } // tslint:disable-next-line: no-empty-interface interface HuntingRowResult {} +// tslint:disable-next-line: no-empty-interface + interface HygieneEventRecord extends AuditData {} interface Hyperlink { // The name for this hyperlink. name?: string; // The URL for this hyperlink. url?: string; } +// tslint:disable-next-line: interface-name no-empty-interface + interface InformationBarrierPolicyApplicationAuditRecord extends AuditData {} +// tslint:disable-next-line: interface-name no-empty-interface + interface InformationWorkerProtectionAuditRecord extends AuditData {} +// tslint:disable-next-line: interface-name no-empty-interface + interface InsiderRiskScopedUserInsightsRecord extends AuditData {} +// tslint:disable-next-line: interface-name no-empty-interface + interface InsiderRiskScopedUsersRecord extends AuditData {} // tslint:disable-next-line: interface-name interface IntelligenceProfileCountryOrRegionOfOrigin { // A codified representation for this country/region of origin. @@ -37139,6 +38542,12 @@ export namespace SecurityNamespace { location?: NullableOption; stream?: NullableOption; } +// tslint:disable-next-line: interface-name no-empty-interface + interface IrmSecurityAlertRecord extends AuditData {} +// tslint:disable-next-line: interface-name no-empty-interface + interface IrmUserDefinedDetectionRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface KaizalaAuditRecord extends AuditData {} interface KubernetesClusterEvidence extends AlertEvidence { /** * The cloud identifier of the cluster. Can be either an amazonResourceEvidence, azureResourceEvidence, or @@ -37245,12 +38654,22 @@ export namespace SecurityNamespace { */ targetPort?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface LabelAnalyticsAggregateAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface LabelContentExplorerAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface LargeContentMetadataAuditRecord extends AuditData {} interface LoggedOnUser { // User account name of the logged-on user. accountName?: NullableOption; // User account domain of the logged-on user. domainName?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface M365ComplianceConnectorAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface M365DAADAuditRecord extends AuditData {} interface MailboxConfigurationEvidence extends AlertEvidence { configurationId?: NullableOption; configurationType?: NullableOption; @@ -37283,12 +38702,126 @@ export namespace SecurityNamespace { // Uniform resource name (URN) of the automated investigation where the cluster was identified. urn?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface MailSubmissionData extends AuditData {} interface MalwareEvidence extends AlertEvidence { category?: NullableOption; files?: NullableOption; name?: NullableOption; processes?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface ManagedServicesAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ManagedTenantsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MapgAlertsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MapgOnboardAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MapgPolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface McasAlertsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MdaDataSecuritySignalRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MdatpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MdcEventsRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MdiAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MeshWorldsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface Microsoft365BackupBackupItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface Microsoft365BackupBackupPolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface Microsoft365BackupRestoreItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface Microsoft365BackupRestoreTaskAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftDefenderExpertsBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftDefenderExpertsXDRAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftFlowAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftFormsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftGraphDataConnectConsent extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftGraphDataConnectOperation extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftPurviewDataMapOperationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftPurviewMetadataPolicyOperationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftPurviewPolicyOperationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftPurviewPrivacyAuditEvent extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftStreamAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsAdminAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsAnalyticsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsDeviceAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsRetentionLabelActionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsSensitivityLabelActionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MicrosoftTeamsShiftsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelExchangeItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelPolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelProgressFeedbackAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSharePointItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSharePointPolicyLocationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSimulationSharePointCompletionRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSimulationSharePointProgressRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSimulationStatisticsRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipAutoLabelSimulationStatusRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipExactDataMatchAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipLabelAnalyticsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MipLabelAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MS365DCustomDetectionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MS365DIncidentAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MS365DSuppressionRuleAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MsdeGeneralSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MsdeIndicatorsSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MsdeResponseActionsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MsdeRolesSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MsticNationStateNotificationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MultiStageDispositionAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface MyAnalyticsSettingsAuditRecord extends AuditData {} interface NetworkConnectionEvidence extends AlertEvidence { destinationAddress?: NullableOption; destinationPort?: NullableOption; @@ -37325,6 +38858,80 @@ export namespace SecurityNamespace { */ timeout?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface OfficeNativeAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OmePortalAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OneDriveAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OnPremisesFileShareScannerDlpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OnPremisesScannerDlpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OnPremisesSharePointScannerDlpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface OwaGetAccessTokenForResourceAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PeopleAdminSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PhysicalBadgingSignalAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerCopyPlanAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerPlanAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerPlanListAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerRosterAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerRosterSensitivityLabelAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerTaskAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerTaskListAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PlannerTenantSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerAppsAuditAppRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerAppsAuditPlanRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerAppsAuditResourceRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerBiAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerBiDlpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPagesSiteAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformAdminDlpAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformAdminEnvironmentAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformAdministratorActivityRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformLockboxResourceAccessRequestAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformLockboxResourceCommandAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PowerPlatformServiceActivityAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyDataMatchAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyDataMinimizationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyDigestEmailRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyOpenAccessAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyPortalAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyRemediationActionRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyRemediationRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PrivacyTenantAuditHistoryRecord extends AuditData {} interface ProcessEvidence extends AlertEvidence { // The status of the detection.The possible values are: detected, blocked, prevented, unknownFutureValue. detectionStatus?: NullableOption; @@ -37353,6 +38960,32 @@ export namespace SecurityNamespace { // User details of the user that ran the process. userAccount?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface ProjectAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebAssignedToMeSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebProjectAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebProjectSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebRoadmapAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebRoadmapItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebRoadmapSettingsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ProjectForTheWebTaskAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PublicFolderAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PurviewInsiderRiskAlertsRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface PurviewInsiderRiskCasesRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface QuarantineAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface RecordsManagementAuditRecord extends AuditData {} interface RedundancyDetectionSettings { // Indicates whether email threading and near duplicate detection are enabled. isEnabled?: NullableOption; @@ -37406,6 +39039,8 @@ export namespace SecurityNamespace { // The status of the distribution. The possible values are: pending, error, success, notAvaliable. status?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface RetentionPolicyAuditRecord extends AuditData {} interface SasTokenEvidence extends AlertEvidence { allowedIpAddresses?: NullableOption; allowedResourceTypes?: NullableOption; @@ -37418,6 +39053,24 @@ export namespace SecurityNamespace { startDateTime?: NullableOption; storageResource?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface ScoreEvidence extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ScorePlatformGenericAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ScriptRunAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SearchAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SecurityComplianceAlertRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SecurityComplianceCenterEOPCmdletAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SecurityComplianceInsightsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SecurityComplianceRBACAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SecurityComplianceUserChangeAuditRecord extends AuditData {} interface SecurityGroupEvidence extends AlertEvidence { // The name of the security group. displayName?: NullableOption; @@ -37447,12 +39100,42 @@ export namespace SecurityNamespace { servicePrincipalType?: NullableOption; tenantId?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface SharePointAppPermissionOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointCommentOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointContentTypeOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointESignatureAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointFieldOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointFileOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointListOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SharePointSharingOperationAuditRecord extends AuditData {} interface SinglePropertySchema { // The name of the property. name?: NullableOption; // The type of the property. type?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface SkypeForBusinessBaseAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SkypeForBusinessCmdletsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SkypeForBusinessPSTNUsageAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SkypeForBusinessUsersBlockedAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SmsCreatePhoneNumberRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SmsDeletePhoneNumberRecord extends AuditData {} interface SslCertificateEntity { // A physical address of the entity. address?: NullableOption; @@ -37489,6 +39172,14 @@ export namespace SecurityNamespace { submissionId?: NullableOption; submitter?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface SupervisoryReviewDayXInsightsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface SyntheticProbeAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface TeamsEasyApprovalsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface TeamsHealthcareAuditRecord extends AuditData {} interface TeamsMessageEvidence extends AlertEvidence { // The identifier of the campaign that this Teams message is part of. campaignId?: NullableOption; @@ -37551,6 +39242,20 @@ export namespace SecurityNamespace { // The URLs contained in this Teams message. urls?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface TeamsUpdatesAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface TenantAllowBlockListAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ThreatFinderAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ThreatIntelligenceAtpContentData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ThreatIntelligenceMailData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface ThreatIntelligenceUrlClickData extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface TodoAuditRecord extends AuditData {} interface TopicModelingSettings { /** * Indicates whether the themes model should dynamically optimize the number of generated topics. To learn more, see @@ -37570,6 +39275,22 @@ export namespace SecurityNamespace { */ topicCount?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface UamOperationAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UnifiedGroupAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UnifiedSimulationMatchedItemAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UnifiedSimulationSummaryAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UploadCertificateRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UrbacAssignmentAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UrbacEnableStateAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface UrbacRoleAuditRecord extends AuditData {} interface UrlEvidence extends AlertEvidence { // The Unique Resource Locator (URL). url?: NullableOption; @@ -37593,6 +39314,30 @@ export namespace SecurityNamespace { // The user account details. userAccount?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface UserTrainingAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VfamBasePolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VfamCreatePolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VfamDeletePolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VfamUpdatePolicyAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaGoalsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaLearningAdminAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaLearningAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaPulseAdminAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaPulseOrganizerAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaPulseReportAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface VivaPulseResponseAuditRecord extends AuditData {} interface VmMetadata { // The cloud provider hosting the virtual machine. The possible values are: unknown, azure, unknownFutureValue. cloudProvider?: VmCloudProvider; @@ -37603,6 +39348,8 @@ export namespace SecurityNamespace { // Unique identifier of the virtual machine instance. vmId?: NullableOption; } +// tslint:disable-next-line: no-empty-interface + interface WdatpAlertsAuditRecord extends AuditData {} interface WhoisContact { // The physical address of the entity. address?: NullableOption; @@ -37630,6 +39377,12 @@ export namespace SecurityNamespace { lastSeenDateTime?: NullableOption; host?: Host; } +// tslint:disable-next-line: no-empty-interface + interface Windows365CustomerLockboxAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface WorkplaceAnalyticsAuditRecord extends AuditData {} +// tslint:disable-next-line: no-empty-interface + interface YammerAuditRecord extends AuditData {} } export namespace TermStore { type RelationType = "pin" | "reuse" | "unknownFutureValue";