New module for Security insights (Azure Sentinel) Resource Provider #13607

Merged
merged 44 commits into from
Dec 14, 2020

dicolanl
Contributor

Description

New module for Security Insights (Azure Sentinel) RP.

Checklist

  • I have read the Submitting Changes section of CONTRIBUTING.md
  • The title of the PR is clear and informative
  • The appropriate ChangeLog.md file(s) has been updated:
    • For any service, the ChangeLog.md file can be found at src/{{SERVICE}}/{{SERVICE}}/ChangeLog.md
    • A snippet outlining the change(s) made in the PR should be written under the ## Upcoming Release header -- no new version header should be added
  • The PR does not introduce breaking changes
  • If applicable, the changes made in the PR have proper test coverage
  • For public API changes to cmdlets:
    • a cmdlet design review was approved for the changes in this repository (Microsoft internal only)
      • {Please put the link here}
    • the markdown help files have been regenerated using the commands listed here

@msJinLei
Contributor

msJinLei commented Dec 1, 2020

@dicolanl
Please submit a design review here first: https://github.com/Azure/azure-powershell-cmdlet-review-pr/issues

@dicolanl
Contributor Author

dicolanl commented Dec 1, 2020

@wyunchi-ms wyunchi-ms self-assigned this Dec 7, 2020
@wyunchi-ms
Contributor

  1. Please record the test case by following the help document here.
  2. Please revert the changes in other modules such as Dns, Media and tools/PS-VSPrompt.lnk.
  3. Please add your module into azure-powershell-modules

@dicolanl
Contributor Author

dicolanl commented Dec 9, 2020

@wyunchi-ms I have pushed a new commit with the changes requested.

  1. new recordings
  2. Reverted those files
  3. added to the documentation

@wyunchi-ms
Contributor

Please follow the StaticAnalysis exception to modify the parameter names in your code except Alerts.

  "AssemblyFileName","ClassName","Target","Severity","ProblemId","Description","Remediation"
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.Incidents.NewIncidentsOwner","New-AzSentinelIncidentOwner","1","8100","New-AzSentinelIncidentOwner Does not support ShouldProcess but the cmdlet verb New indicates that it should.","Determine if the cmdlet should implement ShouldProcess and if so determine if it should implement Force / ShouldContinue"
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.NewDataConnectors","New-AzSentinelDataConnector","1","8410","Parameter Alerts of cmdlet New-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.NewDataConnectors","New-AzSentinelDataConnector","1","8410","Parameter Logs of cmdlet New-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.NewDataConnectors","New-AzSentinelDataConnector","1","8410","Parameter DiscoveryLogs of cmdlet New-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.NewDataConnectors","New-AzSentinelDataConnector","1","8410","Parameter Indicators of cmdlet New-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.UpdateDataConnectors","Update-AzSentinelDataConnector","1","8410","Parameter Alerts of cmdlet Update-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.UpdateDataConnectors","Update-AzSentinelDataConnector","1","8410","Parameter Logs of cmdlet Update-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.UpdateDataConnectors","Update-AzSentinelDataConnector","1","8410","Parameter DiscoveryLogs of cmdlet Update-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.DataConnectors.UpdateDataConnectors","Update-AzSentinelDataConnector","1","8410","Parameter Indicators of cmdlet Update-AzSentinelDataConnector does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.Bookmarks.NewBookmarks","New-AzSentinelBookmark","1","8410","Parameter Notes of cmdlet New-AzSentinelBookmark does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.Bookmarks.UpdateBoomarks","Update-AzSentinelBookmark","1","8410","Parameter Notes of cmdlet Update-AzSentinelBookmark does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.AlertRules.NewAlertRules","New-AzSentinelAlertRule","1","8410","Parameter Tactics of cmdlet New-AzSentinelAlertRule does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  "D:\a\1\s\artifacts\Debug\Az.SecurityInsights\Microsoft.Azure.PowerShell.Cmdlets.SecurityInsights.dll","Microsoft.Azure.Commands.SecurityInsights.Cmdlets.Actions.UpdateAlertRules","Update-AzSentinelAlertRule","1","8410","Parameter Tactics of cmdlet Update-AzSentinelAlertRule does not follow the enforced naming convention of using a singular noun for a parameter name.","Consider using a singular noun for the parameter name."
  

@wyunchi-ms
Contributor

  1. Please revert the changes in other modules such as Dns, Media and tools/PS-VSPrompt.lnk.
  2. Are AlertRuleId and BookmarkId randomly generated? It seems that these IDs are regenerated when we run test cases, so the test framework cannot find the right HTTP record by using the URL. There are two ways to fix this:
    1. Is there any way you can pass a fixed ID into the cmdlet when creating a new AlertRule or other new cmdlet?
    2. Or you can implement an HTTPMockServer.Matcher; here is an example.
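
Added example, not part of the review comment and not the Azure test framework's code: a minimal Python model of record/playback testing showing why a freshly generated ID misses a URL-keyed recording, and how each of the two fixes named above resolves it. The resource path, `FIXED_ID` and all function names are constructed for illustration.

```python
import re
import uuid

GUID_RE = re.compile(r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
BASE = "/workspaces/ws/alertRules"                 # constructed, shortened resource path
FIXED_ID = "11111111-2222-3333-4444-555555555555"  # constructed static GUID

def exact(method, url):
    # Default lookup: the recording is keyed by method and exact URL.
    return method, url

def guid_insensitive(method, url):
    # Matcher approach: compare requests with every GUID replaced by a token.
    return method, GUID_RE.sub("<guid>", url)

def run_test(send, rule_id=None):
    # Hypothetical test body: create an alert rule, then read it back.
    rule_id = rule_id or str(uuid.uuid4())   # random unless the test pins it
    url = f"{BASE}/{rule_id}"
    send("PUT", url)
    return send("GET", url)

def record(rule_id=None):
    # Record mode: store a canned response for each request the test makes.
    captured = {}
    def send(method, url):
        captured[(method, url)] = {"status": 200}
        return captured[(method, url)]
    run_test(send, rule_id)
    return captured

def playback(records, key=exact, rule_id=None):
    # Playback mode: answer only from the recording, looked up through `key`.
    table = {key(m, u): resp for (m, u), resp in records.items()}
    def send(method, url):
        k = key(method, url)
        if k not in table:
            raise LookupError(f"no recorded response for {method} {url}")
        return table[k]
    try:
        return run_test(send, rule_id)["status"]
    except LookupError:
        return "miss"

if __name__ == "__main__":
    print("random id, URL match:   ", playback(record()))
    print("fixed id, URL match:    ", playback(record(FIXED_ID), rule_id=FIXED_ID))
    print("random id, GUID matcher:", playback(record(), key=guid_insensitive))
```

In this model the GUID-insensitive key makes two different rules under the same path indistinguishable during playback, whereas a fixed ID keeps the exact-URL comparison.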

@dicolanl
Contributor Author

@wyunchi-ms
I updated the module per static analysis, except for *-AzSentinelDataConnector. Like Alerts, the other parameters should have exceptions for plural: Logs, DiscoveryLogs, Indicators. How do I add them to the exception list?

  1. actually fixed those files this time
  2. updated tests to use static guids.

@wyunchi-ms
Contributor

/azp run

@azure-pipelines
Contributor

Azure Pipelines successfully started running 3 pipeline(s).

@wyunchi-ms
Contributor

/azp run

@azure-pipelines
Contributor

Azure Pipelines successfully started running 3 pipeline(s).

@wyunchi-ms wyunchi-ms merged commit def340e into Azure:master Dec 14, 2020