A class representing a database auditing policy
Inheritance: BaseTableAuditingPolicyModel
 /// <summary>
 /// Updates the given model element with the cmdlet specific operation 
 /// </summary>
 /// <param name="model">A model object</param>
 protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
 {
     base.ApplyUserInputToModel(model);
     model.UseServerDefault = UseServerDefaultOptions.Enabled;
     model.StorageAccountName = GetStorageAccountName();
     return model;
 }
        /// <summary>
        /// Updates the given model element with the cmdlet specific operation 
        /// </summary>
        /// <param name="model">A model object</param>
        protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
        {
            base.ApplyUserInputToModel(model);
            AuditStateType orgAuditStateType = model.AuditState;
            model.AuditState = AuditStateType.Enabled;
            model.UseServerDefault = UseServerDefaultOptions.Disabled;
            if (StorageAccountName != null)
            {
                model.StorageAccountName = StorageAccountName;
                ModelAdapter.ClearStorageDetailsCache();
            }
            if (!string.IsNullOrEmpty(StorageKeyType)) // the user enter a key type - we use it (and running over the previously defined key type)
            {
                model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary) ? StorageKeyKind.Primary : StorageKeyKind.Secondary;
            }

            EventType = Util.ProcessAuditEvents(EventType);

            if (EventType != null) // the user provided event types to audit
            {
                model.EventType = EventType.Select(s => SecurityConstants.AuditEventsToAuditEventType[s]).ToArray();
            }

            if (RetentionInDays != null)
            {
                model.RetentionInDays = RetentionInDays;
            }

            if (TableIdentifier == null)
            {
                if ((orgAuditStateType == AuditStateType.New) && (model.RetentionInDays > 0))
                {
                    // If retention days is greater than 0 and no audit table identifier is supplied , we throw exception giving the user hint on the recommended TableIdentifier we got from the CSM
                    throw new Exception(string.Format(Microsoft.Azure.Commands.Sql.Properties.Resources.InvalidRetentionTypeSet, model.TableIdentifier));
                }
            }
            else
            {
                model.TableIdentifier = TableIdentifier;
            }
            return model;
        }
Ejemplo n.º 3
0
 /// <summary>
 /// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
 /// </summary>
 /// <param name="model">The AuditingPolicy model object</param>
 /// <returns>The communication model object</returns>
 private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model)
 {
     DatabaseAuditingPolicyCreateOrUpdateParameters updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
     DatabaseAuditingPolicyProperties properties = new DatabaseAuditingPolicyProperties();
     updateParameters.Properties = properties;
     properties.AuditingState = PolicizeAuditState(model.AuditState);
     properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? SecurityConstants.AuditingEndpoint.Enabled : SecurityConstants.AuditingEndpoint.Disabled;
     properties.StorageAccountName = ExtractStorageAccountName(model);
     properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
     properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
     properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);
     properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
     properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
     properties.EventTypesToAudit = ExtractEventTypes(model);
     properties.RetentionDays = model.RetentionInDays.ToString();
     properties.AuditLogsTableName = model.TableIdentifier;
     return updateParameters;
 }
Ejemplo n.º 4
0
 private bool IsDatabaseInServiceTierForPolicy(DatabaseAuditingPolicyModel model, string clientId)
 {
     AzureSqlDatabaseCommunicator dbCommunicator = new AzureSqlDatabaseCommunicator(Profile, Subscription);
     Management.Sql.Models.Database database = dbCommunicator.Get(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId);
     DatabaseEdition edition = DatabaseEdition.None;
     Enum.TryParse<DatabaseEdition>(database.Properties.Edition, true, out edition);
     if(edition == DatabaseEdition.Basic || edition == DatabaseEdition.Standard || edition == DatabaseEdition.Premium || edition == DatabaseEdition.DataWarehouse)
     {
         return true;
     }
     return false;
 }
Ejemplo n.º 5
0
 /// <summary>
 /// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
 /// </summary>
 public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId)
 {
     if (!IsDatabaseInServiceTierForPolicy(model, clientId))
     {
         throw new Exception(Resources.DatabaseNotInServiceTierForAuditingPolicy);
     }
     DatabaseAuditingPolicyCreateOrUpdateParameters parameters = PolicizeDatabaseAuditingModel(model);
     Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
 }
Ejemplo n.º 6
0
 /// <summary>
 /// Transforms the given database policy object to its cmdlet model representation
 /// </summary>
 private DatabaseAuditingPolicyModel ModelizeDatabaseAuditPolicy(DatabaseAuditingPolicy policy)
 {
     DatabaseAuditingPolicyModel dbPolicyModel = new DatabaseAuditingPolicyModel();
     DatabaseAuditingPolicyProperties properties = policy.Properties;
     dbPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
     dbPolicyModel.UseServerDefault = properties.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled ? UseServerDefaultOptions.Enabled : UseServerDefaultOptions.Disabled;
     ModelizeStorageInfo(dbPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
     ModelizeEventTypesInfo(dbPolicyModel, properties.EventTypesToAudit);
     ModelizeRetentionInfo(dbPolicyModel, properties.RetentionDays, properties.AuditLogsTableName);
     return dbPolicyModel;
 }
Ejemplo n.º 7
0
 /// <summary>
 /// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
 /// </summary>
 public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId, string storageEndpointSuffix)
 {
     if (!IsDatabaseInServiceTierForPolicy(model, clientId))
     {
         throw new Exception(Microsoft.Azure.Commands.Sql.Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
     }
     DatabaseAuditingPolicyCreateOrUpdateParameters parameters = PolicizeDatabaseAuditingModel(model, storageEndpointSuffix);
     Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
 }
 /// <summary>
 /// This method is responsible to call the right API in the communication layer that will eventually send the information in the 
 /// object to the REST endpoint
 /// </summary>
 /// <param name="model">The model object with the data to be sent to the REST endpoints</param>
 protected override DatabaseAuditingPolicyModel PersistChanges(DatabaseAuditingPolicyModel model)
 {
     ModelAdapter.IgnoreStorage = true;
     base.PersistChanges(model);
     return null;
 }
 /// <summary>
 /// Updates the given model element with the cmdlet specific operation 
 /// </summary>
 /// <param name="model">A model object</param>
 protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
 {
     base.ApplyUserInputToModel(model);
     model.AuditState = AuditStateType.Disabled;
     return model;
 }
Ejemplo n.º 10
0
 /// <summary>
 /// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
 /// </summary>
 public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, string clientId, string storageEndpointSuffix)
 {
     if (!IsDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId))
     {
         throw new Exception(Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
     }
     var parameters = PolicizeDatabaseAuditingModel(model, storageEndpointSuffix);
     Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
 }
Ejemplo n.º 11
0
        /// <summary>
        /// Provides a database audit policy model for the given database
        /// </summary>
        public void GetDatabaseAuditingPolicy(string resourceGroup, string serverName, string databaseName, string requestId, out DatabaseAuditingPolicyModel model)
        {
            DatabaseAuditingPolicy policy;
            Communicator.GetDatabaseAuditingPolicy(resourceGroup, serverName, databaseName, requestId, out policy);
            var dbPolicyModel = ModelizeDatabaseAuditPolicy(policy);

            dbPolicyModel.ResourceGroupName = resourceGroup;
            dbPolicyModel.ServerName = serverName;
            dbPolicyModel.DatabaseName = databaseName;

            FetchedStorageAccountName = policy.Properties.StorageAccountName;
            FetchedStorageAccountResourceGroup = policy.Properties.StorageAccountResourceGroupName;
            FetchedStorageAccountSubscription = policy.Properties.StorageAccountSubscriptionId;
            FetchedStorageAccountTableEndpoint = policy.Properties.StorageTableEndpoint;

            model = dbPolicyModel;
        }
 /// <summary>
 /// No sending is needed as this is a Get cmdlet
 /// </summary>
 /// <param name="model">The model object with the data to be sent to the REST endpoints</param>
 protected override DatabaseAuditingPolicyModel PersistChanges(DatabaseAuditingPolicyModel model) 
 {
     return null;
 }