Revert "tests....."

This reverts commit 4dddc6c.

Author: dicolanl

src/Dns/Dns.sln

@@ -1,6 +1,6 @@
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.30709.132
+# Visual Studio 15
+VisualStudioVersion = 15.0.27703.2042
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Dns", "Dns\Dns.csproj", "{3CAE1B57-FFEC-4945-A6C5-6E5E8DEA4BA9}"
 EndProject
@@ -40,10 +40,6 @@ Global
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Release|Any CPU.Build.0 = Release|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Release|Any CPU.Build.0 = Release|Any CPU
 		{98CFD96B-A6BC-4F15-AE2C-603FC2B58981}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{98CFD96B-A6BC-4F15-AE2C-603FC2B58981}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{98CFD96B-A6BC-4F15-AE2C-603FC2B58981}.Release|Any CPU.ActiveCfg = Release|Any CPU

src/Media/Media.sln

@@ -1,6 +1,7 @@
+
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.30709.132
+# Visual Studio 15
+VisualStudioVersion = 15.0.27703.2042
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "Media", "Media\Media.csproj", "{A505E64B-6AA8-43AC-90E7-22A94FD38A0F}"
 EndProject
@@ -38,10 +39,6 @@ Global
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{142D7B0B-388A-4CEB-A228-7F6D423C5C2E}.Release|Any CPU.Build.0 = Release|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Debug|Any CPU.Build.0 = Debug|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Release|Any CPU.ActiveCfg = Release|Any CPU
-		{6BD6B80A-06AF-4B5B-9230-69CCFC6C8D64}.Release|Any CPU.Build.0 = Release|Any CPU
 		{FF81DC73-B8EC-4082-8841-4FBF2B16E7CE}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{FF81DC73-B8EC-4082-8841-4FBF2B16E7CE}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{FF81DC73-B8EC-4082-8841-4FBF2B16E7CE}.Release|Any CPU.ActiveCfg = Release|Any CPU

src/SecurityInsights/SecurityInsights.Test/ScenarioTests/ActionsTests.cs renamed to src/SecurityInsights/SecurityInsights.Test/ScenarioTests/Actions/ActionsTests.cs

@@ -16,20 +16,18 @@
 .SYNOPSIS
 List Actions by Alert Rule
 #>
-function Get-AzSentinelAlertRuleAction-ListByAlertRule
+function Get-AzSentineAlertRulelAction-ListByAlertRule
 {
 
 	$LogicAppResourceId = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Block-AADUser"
-	$TriggerUri = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Block-AADUser" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 	$LogicAppResourceId2 = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Get-MDATPInvestigationPackage"
-	$TriggerUri2 = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Get-MDATPInvestigationPackage" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 
 	#Create Alert Rule
-	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Kind Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuppressionDuration (New-TimeSpan -Hours 5) -SuppressionEnabled $false -Severity Low -Query "SecurityAlert | take 1" -QueryFrequency (New-TimeSpan -Hours 5) -QueryPeriod (New-TimeSpan -Hours 5) -TriggerThreshold 10
+	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Type Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuprressionDuration "PT5H" -SuprressionEnabled $false
 	#Create Alert Rule Action
-	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId -TriggerUri ($TriggerUri.value)
+	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId
 	#Create Alert Rule Action
-	$action2 = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId2 -TriggerUri ($TriggerUri2.value)
+	$action2 = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId2
 
 	#Get Alert Rule Actions
     $actions = Get-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name)
@@ -48,12 +46,11 @@ function Get-AzSentinelAlertRuleAction-GetAction
 {
 
 	$LogicAppResourceId = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Block-AADUser"
-	$TriggerUri = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Block-AADUser" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 
 	#Create Alert Rule
-	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Kind Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuppressionDuration (New-TimeSpan -Hours 5) -SuppressionEnabled $false -Severity Low -Query "SecurityAlert | take 1" -QueryFrequency (New-TimeSpan -Hours 5) -QueryPeriod (New-TimeSpan -Hours 5) -TriggerThreshold 10
+	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Type Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuprressionDuration "PT5H" -SuprressionEnabled $false
 	#Create Alert Rule Action
-	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId -TriggerUri ($TriggerUri.value)
+	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId
 
 	#Get Alert Rule Action
     $action = Get-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -ActionId ($action.Name)
@@ -71,12 +68,11 @@ Create Action
 function New-AzSentinelAlertRuleAction-Create
 {
     $LogicAppResourceId = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Block-AADUser"
-	$TriggerUri = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Block-AADUser" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 
 	#Create Alert Rule
-	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Kind Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuppressionDuration (New-TimeSpan -Hours 5) -SuppressionEnabled $false -Severity Low -Query "SecurityAlert | take 1" -QueryFrequency (New-TimeSpan -Hours 5) -QueryPeriod (New-TimeSpan -Hours 5) -TriggerThreshold 10
+	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Type Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuprressionDuration "PT5H" -SuprressionEnabled $false
 	#Create Alert Rule Action
-	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId -TriggerUri ($TriggerUri.value)
+	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId
 
 	#Validate
 	Validate-Action $action
@@ -92,17 +88,15 @@ Update Action
 function Set-AzSentinelAlertRuleAction-Update
 {
 	$LogicAppResourceId = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Block-AADUser"
-	$TriggerUri = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Block-AADUser" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 	$LogicAppResourceId2 = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Get-MDATPInvestigationPackage"
-	$TriggerUri2 = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Get-MDATPInvestigationPackage" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 
 	#Create Alert Rule
-	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Kind Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuppressionDuration (New-TimeSpan -Hours 5) -SuppressionEnabled $false -Severity Low -Query "SecurityAlert | take 1" -QueryFrequency (New-TimeSpan -Hours 5) -QueryPeriod (New-TimeSpan -Hours 5) -TriggerThreshold 10
+	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Type Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuprressionDuration "PT5H" -SuprressionEnabled $false
 	#Create Alert Rule Action
-	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId -TriggerUri ($TriggerUri.value)
+	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId
 
 	#update action
-	$action = Set=AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId2 -TriggerUri ($TriggerUri2.value)
+	$action = Set=AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId2
 
 	# Validate
 	Validate-Action $action
@@ -118,13 +112,11 @@ Delete Action
 function Remove-AzSentinelAlertRuleAction-Delete
 {
 	$LogicAppResourceId = "/subscriptions/1c61ccbf-70b3-45a3-a1fb-848ce46d70a6/resourceGroups/ndicola-azsposh/providers/Microsoft.Logic/workflows/Block-AADUser"
-	$TriggerUri = Get-AzLogicAppTriggerCallbackUrl -ResourceGroupName (Get-TestResourceGroupName) -Name "Block-AADUser" -TriggerName "When_a_response_to_an_Azure_Sentinel_alert_is_triggered"
 
 	#Create Alert Rule
-	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Kind Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuppressionDuration (New-TimeSpan -Hours 5) -SuppressionEnabled $false -Severity Low -Query "SecurityAlert | take 1" -QueryFrequency (New-TimeSpan -Hours 5) -QueryPeriod (New-TimeSpan -Hours 5) -TriggerThreshold 10
+	$alertRule = New-AzSentinelAlertRule -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -Type Scheduled -Enabled $true -DisplayName "PoshModuleTest" -SuprressionDuration "PT5H" -SuprressionEnabled $false
 	#Create Alert Rule Action
-	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -AlertRuleId ($alertRule.Name) -LogicAppResourceId $LogicAppResourceId -TriggerUri ($TriggerUri.value)
-	#delete
+	$action = New-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -LogicAppResourceId $LogicAppResourceId
 	Remove-AzSentinelAlertRuleAction -ResourceGroupName (Get-TestResourceGroupName) -WorkspaceName (Get-TestWorkspaceName) -ActionId ($action.Name)
 	# Validate
 	Validate-Action $action

src/SecurityInsights/SecurityInsights.Test/ScenarioTests/ActionsTests.ps1 renamed to src/SecurityInsights/SecurityInsights.Test/ScenarioTests/Actions/ActionsTests.ps1

@@ -46,7 +46,6 @@ public void RunPowerShellTest(ServiceManagement.Common.Models.XunitTracingInterc
             var mockName = sf.GetMethod().Name;
 
             _helper.TracingInterceptor = logger;
-
             var providers = new Dictionary<string, string>();
             var providersToIgnore = new Dictionary<string, string>();
             HttpMockServer.Matcher = new PermissiveRecordMatcherWithApiExclusion(true, providers, providersToIgnore);
@@ -62,11 +61,10 @@ public void RunPowerShellTest(ServiceManagement.Common.Models.XunitTracingInterc
                 _helper.SetupModules(
                     AzureModule.AzureResourceManager,
                     _helper.RMProfileModule,
-                    _helper.GetRMModulePath(@"AzureRM.LogicApp.psd1"),
-                    _helper.GetRMModulePath(@"AzureRM.Resources.psd1"),
                     _helper.GetRMModulePath(@"AzureRM.SecurityInsights.psd1"),
                     "ScenarioTests\\Common.ps1",
                     "ScenarioTests\\" + callingClassName + ".ps1",
+                    "AzureRM.Storage.ps1",
                     "AzureRM.Resources.ps1");
 
                 _helper.RunPowerShellTest(scripts);
@@ -77,7 +75,8 @@ protected void SetupManagementClients(MockContext context)
         {
             var resourcesClient = GetResourcesClient(context);
             var securityInsightsClient = GetSecurityInsightsClient(context);
-            _helper.SetupManagementClients(securityInsightsClient, resourcesClient);
+            var storageClient = GetStorageManagementClient(context);
+            _helper.SetupManagementClients(securityInsightsClient, resourcesClient, storageClient);
         }
 
         private static SecurityInsightsClient GetSecurityInsightsClient(MockContext context)
@@ -88,5 +87,9 @@ private static ResourceManagementClient GetResourcesClient(MockContext context)
         {
             return context.GetServiceClient<ResourceManagementClient>(TestEnvironmentFactory.GetTestEnvironment());
         }
+        private static StorageManagementClient GetStorageManagementClient(MockContext context)
+        {
+            return context.GetServiceClient<StorageManagementClient>(TestEnvironmentFactory.GetTestEnvironment());
+        }
     }
 }

src/SecurityInsights/SecurityInsights.Test/ScenarioTests/TestController.cs

@@ -21,7 +21,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <None Update="ScenarioTests\ActionsTests.ps1">
+    <None Update="ScenarioTests\Actions\ActionsTests.ps1">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>

src/SecurityInsights/SecurityInsights.Test/SecurityInsights.Test.csproj

@@ -21,7 +21,6 @@
 using System;
 using Microsoft.Azure.Management.SecurityInsights.Models;
 using Microsoft.Azure.Commands.SecurityInsights.Models.Actions;
-using Microsoft.Azure.Management.SecurityInsights;
 
 namespace Microsoft.Azure.Commands.SecurityInsights.Cmdlets.Actions
 {
@@ -40,14 +39,14 @@ public class NewAlertRuleActions : SecurityInsightsCmdletBase
         [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = true, HelpMessage = ParameterHelpMessages.AlertRuleId)]
         public string AlertRuleId { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = false, HelpMessage = ParameterHelpMessages.ActionId)]
+        [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = true, HelpMessage = ParameterHelpMessages.ActionId)]
         public string ActionId { get; set; }
 
         [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = true, HelpMessage = ParameterHelpMessages.LogicAppResourceId)]
         [ValidateNotNullOrEmpty]
         public string LogicAppResourceId { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = true, HelpMessage = ParameterHelpMessages.TriggerUri)] 
+        [Parameter(ParameterSetName = ParameterSetNames.ActionId, Mandatory = false, HelpMessage = ParameterHelpMessages.TriggerUri)] 
         public string TriggerUri { get; set; }
 
         public override void ExecuteCmdlet()
@@ -67,7 +66,7 @@ public override void ExecuteCmdlet()
 
             if (ShouldProcess(name, VerbsCommon.New))
             {
-                var outputaction = SecurityInsightsClient.AlertRules.CreateOrUpdateAction(ResourceGroupName, WorkspaceName, AlertRuleId, name, action);
+                var outputaction = SecurityInsightsClient.AlertRules.CreateOrUpdateActionWithHttpMessagesAsync(ResourceGroupName, WorkspaceName, AlertRuleId, name, action).GetAwaiter().GetResult().Body;
 
                 WriteObject(outputaction.ConvertToPSType(), enumerateCollection: false);
             }

src/SecurityInsights/SecurityInsights/Cmdlets/Actions/NewAlertRuleActions.cs

@@ -99,19 +99,19 @@ public class NewAlertRules : SecurityInsightsCmdletBase
         [ValidateNotNullOrEmpty]
         public bool SuppressionEnabled { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = true, HelpMessage = ParameterHelpMessages.Query)]
+        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = false, HelpMessage = ParameterHelpMessages.Query)]
         [ValidateNotNullOrEmpty]
         public string Query { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = true, HelpMessage = ParameterHelpMessages.QueryFrequency)]
+        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = false, HelpMessage = ParameterHelpMessages.QueryFrequency)]
         [ValidateNotNullOrEmpty]
         public TimeSpan? QueryFrequency { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = true, HelpMessage = ParameterHelpMessages.QueryPeriod)]
+        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = false, HelpMessage = ParameterHelpMessages.QueryPeriod)]
         [ValidateNotNullOrEmpty]
         public TimeSpan? QueryPeriod { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = true, HelpMessage = ParameterHelpMessages.Severity)]
+        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = false, HelpMessage = ParameterHelpMessages.Severity)]
         [ValidateSet("High", "Informational", "Low", "Medium")]
         [ValidateNotNullOrEmpty]
         public string Severity { get; set; }
@@ -125,7 +125,7 @@ public class NewAlertRules : SecurityInsightsCmdletBase
         [ValidateNotNullOrEmpty]
         public TriggerOperator TriggerOperator { get; set; }
 
-        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = true, HelpMessage = ParameterHelpMessages.TriggerThreshold)]
+        [Parameter(ParameterSetName = ParameterSetNames.ScheduledAlertRule, Mandatory = false, HelpMessage = ParameterHelpMessages.TriggerThreshold)]
         [ValidateNotNullOrEmpty]
         public int? TriggerThreshold { get; set; }