/// <summary> /// Changes the database security alert policy with new values /// </summary> private static void ChangeSecurityAlertPolicy(BaseSecurityAlertPolicyProperties properties) { properties.State = "Disabled"; properties.DisabledAlerts = "DisableAlert1"; properties.EmailAddresses = "[email protected];[email protected]"; properties.EmailAccountAdmins = "Disabled"; }
/// <summary> /// Takes the cmdlets model object and transform it to the policy as expected by the endpoint /// </summary> private Management.Sql.Models.ManagedServerSecurityAlertPolicy PolicizeManagedInstanceSecurityAlertModel(BaseThreatDetectionPolicyModel model, string storageEndpointSuffix) { var policy = new Management.Sql.Models.ManagedServerSecurityAlertPolicy() { State = model.ThreatDetectionState == ThreatDetectionStateType.Enabled ? SecurityAlertsPolicyState.Enabled : SecurityAlertsPolicyState.Disabled, DisabledAlerts = ExtractExcludedDetectionType(model), EmailAddresses = model.NotificationRecipientsEmails.Split(';').Where(mail => !string.IsNullOrEmpty(mail)).ToList(), EmailAccountAdmins = model.EmailAdmins, RetentionDays = Convert.ToInt32(model.RetentionInDays), }; if (policy.State == SecurityAlertsPolicyState.Enabled && !policy.EmailAccountAdmins.Value && !policy.EmailAddresses.Any()) { // For new TD policy, make sure EmailAccountAdmins is true policy.EmailAccountAdmins = true; } if (string.IsNullOrEmpty(model.StorageAccountName)) { policy.StorageEndpoint = null; policy.StorageAccountAccessKey = null; } else { BaseSecurityAlertPolicyProperties legacyProperties = new BaseSecurityAlertPolicyProperties(); PopulateStoragePropertiesInPolicy(model, legacyProperties, storageEndpointSuffix); policy.StorageEndpoint = legacyProperties.StorageEndpoint; policy.StorageAccountAccessKey = legacyProperties.StorageAccountAccessKey; } return(policy); }
/// <summary> /// Verify that the received properties match their expected values /// </summary> /// <param name="expected">The expected value of the properties object</param> /// <param name="actual">The properties object that needs to be checked</param> private static void VerifySecurityAlertPolicyInformation(BaseSecurityAlertPolicyProperties expected, BaseSecurityAlertPolicyProperties actual) { Assert.Equal(expected.State, actual.State); Assert.Equal(expected.DisabledAlerts, actual.DisabledAlerts); Assert.Equal(expected.EmailAddresses, actual.EmailAddresses); Assert.Equal(expected.EmailAccountAdmins, actual.EmailAccountAdmins); }
/// <summary> /// Transforms the given database policy object to its cmdlet model representation /// </summary> private BaseThreatDetectionPolicyModel ModelizeThreatDetectionPolicy(BaseSecurityAlertPolicyProperties threatDetectionProperties, BaseThreatDetectionPolicyModel model) { model.ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionProperties.State); model.NotificationRecipientsEmails = threatDetectionProperties.EmailAddresses; model.EmailAdmins = ModelizeThreatDetectionEmailAdmins(threatDetectionProperties.EmailAccountAdmins); ModelizeDisabledAlerts(model, threatDetectionProperties.DisabledAlerts); return(model); }
/// <summary> /// Transforms the given database policy object to its cmdlet model representation /// </summary> private static BaseThreatDetectionPolicyModel ModelizeThreatDetectionPolicy(BaseSecurityAlertPolicyProperties threatDetectionProperties, BaseThreatDetectionPolicyModel model) { model.ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionProperties.State); model.NotificationRecipientsEmails = threatDetectionProperties.EmailAddresses; model.EmailAdmins = ModelizeThreatDetectionEmailAdmins(threatDetectionProperties.EmailAccountAdmins); ModelizeStorageAccount(model, threatDetectionProperties.StorageEndpoint); model.ExcludedDetectionTypes = threatDetectionProperties.DisabledAlerts.Split(';').Where(alert => !string.IsNullOrEmpty(alert)).ToArray() ?? new string[] { }; model.RetentionInDays = (uint)threatDetectionProperties.RetentionDays; return(model); }
/// <summary> /// Transforms the given database policy object to its cmdlet model representation /// </summary> private static BaseThreatDetectionPolicyModel ModelizeThreatDetectionPolicy(BaseSecurityAlertPolicyProperties threatDetectionProperties, BaseThreatDetectionPolicyModel model) { model.ThreatDetectionState = ModelizeThreatDetectionState(threatDetectionProperties.State); model.NotificationRecipientsEmails = threatDetectionProperties.EmailAddresses; model.EmailAdmins = ModelizeThreatDetectionEmailAdmins(threatDetectionProperties.EmailAccountAdmins); ModelizeStorageAccount(model, threatDetectionProperties.StorageEndpoint); ModelizeDisabledAlerts(model, threatDetectionProperties.DisabledAlerts.Split(';')); model.RetentionInDays = (uint)threatDetectionProperties.RetentionDays; return(model); }
private void PopulateStoragePropertiesInPolicy(BaseThreatDetectionPolicyModel model, BaseSecurityAlertPolicyProperties properties, string storageEndpointSuffix) { if (string.IsNullOrEmpty(model.StorageAccountName)) // can happen if the user didn't provide account name for a policy that lacked it { throw new Exception(string.Format(Properties.Resources.NoStorageAccountWhenConfiguringThreatDetectionPolicy)); } properties.StorageEndpoint = string.Format("https://{0}.blob.{1}", model.StorageAccountName, storageEndpointSuffix); properties.StorageAccountAccessKey = AzureCommunicator.GetStorageKeys(model.StorageAccountName)[StorageKeyKind.Primary]; }
private BaseSecurityAlertPolicyProperties PopulateDatabasePolicyProperties(BaseThreatDetectionPolicyModel model, string storageEndpointSuffix, BaseSecurityAlertPolicyProperties properties) { properties.State = model.ThreatDetectionState.ToString(); properties.EmailAddresses = model.NotificationRecipientsEmails ?? ""; properties.EmailAccountAdmins = model.EmailAdmins ? ThreatDetectionStateType.Enabled.ToString() : ThreatDetectionStateType.Disabled.ToString(); properties.DisabledAlerts = string.Join(";", ExtractExcludedDetectionType(model)); PopulateStoragePropertiesInPolicy(model, properties, storageEndpointSuffix); properties.RetentionDays = Convert.ToInt32(model.RetentionInDays); return(properties); }
private BaseSecurityAlertPolicyProperties PopulatePolicyProperties(BaseThreatDetectionPolicyModel model, BaseSecurityAlertPolicyProperties properties) { properties.State = model.ThreatDetectionState.ToString(); properties.EmailAddresses = model.NotificationRecipientsEmails ?? ""; properties.EmailAccountAdmins = model.EmailAdmins ? ThreatDetectionStateType.Enabled.ToString() : ThreatDetectionStateType.Disabled.ToString(); properties.DisabledAlerts = ExtractExcludedDetectionType(model); return(properties); }