private void UpdateAfdSecurityPolicy()
{
try
{
PSAfdSecurityPolicy currentPsAfdSecurityPolicy = this.CdnManagementClient.SecurityPolicies.Get(this.ResourceGroupName, this.ProfileName, this.SecurityPolicyName).ToPSAfdSecurityPolicy();
SecurityPolicyWebApplicationFirewallParameters securityPolicyWafParameters = new SecurityPolicyWebApplicationFirewallParameters();
if (ParameterSetName == ObjectParameterSet)
{
securityPolicyWafParameters = this.CreateSecurityPolicyWafParametersByObject(currentPsAfdSecurityPolicy);
}
if (ParameterSetName == FieldsParameterSet)
{
securityPolicyWafParameters = this.CreateSecurityPolicyWafParametersByFields(currentPsAfdSecurityPolicy);
}
this.CdnManagementClient.SecurityPolicies.Patch(this.ResourceGroupName, this.ProfileName, this.SecurityPolicyName, securityPolicyWafParameters);
}
catch (AfdErrorResponseException errorResponse)
{
throw new PSArgumentException(errorResponse.Response.Content);
}
}
private void CreateAfdSecurityPolicy()
{
try
{
SecurityPolicyWebApplicationFirewallParameters securityPolicyParameters = new SecurityPolicyWebApplicationFirewallParameters();
securityPolicyParameters.WafPolicy = new ResourceReference(this.WafPolicyId);
securityPolicyParameters.Associations = new List <SecurityPolicyWebApplicationFirewallAssociation>();
SecurityPolicyWebApplicationFirewallAssociation securityPolicyWebApplicationFirewallAssociation = new SecurityPolicyWebApplicationFirewallAssociation();
securityPolicyWebApplicationFirewallAssociation.Domains = new List <ResourceReference>();
securityPolicyWebApplicationFirewallAssociation.PatternsToMatch = new List <string>
{
"/*",
};
foreach (string domainId in this.DomainId)
{
ResourceReference resourceReference = new ResourceReference(domainId);
securityPolicyWebApplicationFirewallAssociation.Domains.Add(resourceReference);
}
securityPolicyParameters.Associations.Add(securityPolicyWebApplicationFirewallAssociation);
PSAfdSecurityPolicy psAfdSecurityPolicy = this.CdnManagementClient.SecurityPolicies.Create(this.ResourceGroupName, this.ProfileName, this.SecurityPolicyName, securityPolicyParameters).ToPSAfdSecurityPolicy();
WriteObject(psAfdSecurityPolicy);
}
catch (AfdErrorResponseException errorResponse)
{
throw new PSArgumentException(errorResponse.Response.Content);
}
}
private SecurityPolicyWebApplicationFirewallParameters CreateSecurityPolicyWafParametersByFields(PSAfdSecurityPolicy currentSecurityPolicy)
{
bool isWafPolicy = this.MyInvocation.BoundParameters.ContainsKey("WafPolicyId");
bool isDomainIds = this.MyInvocation.BoundParameters.ContainsKey("DomainId");
SecurityPolicyWebApplicationFirewallParameters securityPolicyWafParameters = new SecurityPolicyWebApplicationFirewallParameters
{
WafPolicy = new ResourceReference(currentSecurityPolicy.WafPolicyId),
Associations = new List <SecurityPolicyWebApplicationFirewallAssociation>()
};
SecurityPolicyWebApplicationFirewallAssociation securityPolicyWafAssociation = new SecurityPolicyWebApplicationFirewallAssociation();
securityPolicyWafAssociation.Domains = currentSecurityPolicy.Domains;
securityPolicyWafAssociation.PatternsToMatch = currentSecurityPolicy.PatternsToMatch;
securityPolicyWafParameters.Associations.Add(securityPolicyWafAssociation);
if (isWafPolicy)
{
securityPolicyWafParameters.WafPolicy = new ResourceReference(this.WafPolicyId);
}
return(securityPolicyWafParameters);
}
public static PSAfdSecurityPolicy ToPSAfdSecurityPolicy(this SdkAfdSecurityPolicy sdkAfdSecurityPolicy)
{
SecurityPolicyWebApplicationFirewallParameters securityPolicyWafParameters = (SecurityPolicyWebApplicationFirewallParameters)sdkAfdSecurityPolicy.Parameters;
return(new PSAfdSecurityPolicy
{
Id = sdkAfdSecurityPolicy.Id,
Name = sdkAfdSecurityPolicy.Name,
Type = sdkAfdSecurityPolicy.Type,
ProvisioningState = sdkAfdSecurityPolicy.ProvisioningState,
WafPolicyId = securityPolicyWafParameters.WafPolicy?.Id,
Domains = (List <ResourceReference>)securityPolicyWafParameters?.Associations[0]?.Domains,
PatternsToMatch = (List <string>)securityPolicyWafParameters?.Associations[0]?.PatternsToMatch
});
}
private SecurityPolicyWebApplicationFirewallParameters CreateSecurityPolicyWafParametersByObject(PSAfdSecurityPolicy currentSecurityPolicy)
{
SecurityPolicyWebApplicationFirewallParameters securityPolicyWafParameters = new SecurityPolicyWebApplicationFirewallParameters
{
WafPolicy = new ResourceReference(currentSecurityPolicy.WafPolicyId),
Associations = new List <SecurityPolicyWebApplicationFirewallAssociation>()
};
SecurityPolicyWebApplicationFirewallAssociation securityPolicyWafAssociation = new SecurityPolicyWebApplicationFirewallAssociation();
securityPolicyWafAssociation.Domains = currentSecurityPolicy.Domains;
securityPolicyWafAssociation.PatternsToMatch = currentSecurityPolicy.PatternsToMatch;
securityPolicyWafParameters.Associations.Add(securityPolicyWafAssociation);
if (currentSecurityPolicy.WafPolicyId != this.SecurityPolicy.WafPolicyId)
{
securityPolicyWafParameters.WafPolicy = new ResourceReference(this.SecurityPolicy.WafPolicyId);
}
return(securityPolicyWafParameters);
}
public void AFDOriginGetListTest()
{
var handler1 = new RecordedDelegatingHandler {
StatusCodeToReturn = HttpStatusCode.OK
};
var handler2 = new RecordedDelegatingHandler {
StatusCodeToReturn = HttpStatusCode.OK
};
using (MockContext context = MockContext.Start(this.GetType()))
{
// Create clients
var cdnMgmtClient = CdnTestUtilities.GetCdnManagementClient(context, handler1);
var resourcesClient = CdnTestUtilities.GetResourceManagementClient(context, handler2);
// Create resource group
var resourceGroupName = CdnTestUtilities.CreateResourceGroup(resourcesClient);
try
{
// Create a standard Azure frontdoor profile
string profileName = TestUtilities.GenerateName("profile");
Profile createParameters = new Profile
{
Location = "WestUs",
Sku = new Sku {
Name = SkuName.StandardAzureFrontDoor
},
Tags = new Dictionary <string, string>
{
{ "key1", "value1" },
{ "key2", "value2" }
}
};
var profile = cdnMgmtClient.Profiles.Create(resourceGroupName, profileName, createParameters);
// Create a standard Azure frontdoor endpoint
string endpointName = TestUtilities.GenerateName("endpointName");
var endpointCreateParameters = new AFDEndpoint("WestUs")
{
EnabledState = "Enabled",
OriginResponseTimeoutSeconds = 60,
Tags = new Dictionary <string, string>
{
{ "key1", "value1" },
{ "key2", "value2" }
}
};
var endpoint = cdnMgmtClient.AFDEndpoints.Create(resourceGroupName, profileName, endpointName, endpointCreateParameters);
// Create a standard Azure frontdoor security policy
string securityPolicyName = TestUtilities.GenerateName("securityPolicy");
var policyCreateParameters = new SecurityPolicyWebApplicationFirewallParameters
{
Associations = new List <SecurityPolicyWebApplicationFirewallAssociation>
{
new SecurityPolicyWebApplicationFirewallAssociation
{
Domains = new List <ResourceReference> {
new ResourceReference(endpoint.Id),
},
PatternsToMatch = new List <string>
{
"/*"
},
}
},
WafPolicy = new ResourceReference(id: "/subscriptions/d7cfdb98-c118-458d-8bdf-246be66b1f5e/resourcegroups/chengll-test3632/providers/Microsoft.Network/frontdoorwebapplicationfirewallpolicies/hellowaf"),
};
var securityPolicy = cdnMgmtClient.SecurityPolicies.Create(resourceGroupName, profileName, securityPolicyName, policyCreateParameters);
Assert.NotNull(securityPolicy);
Assert.NotNull(securityPolicy.ProvisioningState);
Assert.NotNull(securityPolicy.Parameters);
var getSecurityPolicy = cdnMgmtClient.SecurityPolicies.Get(resourceGroupName, profileName, securityPolicyName);
Assert.NotNull(getSecurityPolicy);
Assert.NotNull(getSecurityPolicy.ProvisioningState);
Assert.NotNull(getSecurityPolicy.Parameters);
var listSecurityPolicy = cdnMgmtClient.SecurityPolicies.ListByProfile(resourceGroupName, profileName);
Assert.NotNull(listSecurityPolicy);
Assert.Single(listSecurityPolicy);
cdnMgmtClient.SecurityPolicies.Delete(resourceGroupName, profileName, securityPolicyName);
listSecurityPolicy = cdnMgmtClient.SecurityPolicies.ListByProfile(resourceGroupName, profileName);
Assert.NotNull(listSecurityPolicy);
Assert.Empty(listSecurityPolicy);
}
finally
{
// Delete resource group
_ = CdnTestUtilities.DeleteResourceGroupAsync(resourcesClient, resourceGroupName);
}
}
}
