/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override DatabaseBlobAuditingSettingsModel ApplyUserInputToModel(DatabaseBlobAuditingSettingsModel model)
{
base.ApplyUserInputToModel(model);
model.AuditState = State == SecurityConstants.Enabled ? AuditStateType.Enabled : AuditStateType.Disabled;
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (MyInvocation.BoundParameters.ContainsKey(SecurityConstants.StorageKeyType))
{
// the user enter a key type - we use it (and override the previously defined key type)
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary)
? StorageKeyKind.Primary
: StorageKeyKind.Secondary;
}
if (AuditActionGroup != null && AuditActionGroup.Length != 0)
{
model.AuditActionGroup = AuditActionGroup;
}
if (AuditAction != null && AuditAction.Length != 0)
{
model.AuditAction = AuditAction;
}
return(model);
}
private void ModelizeDatabaseAuditPolicy(DatabaseBlobAuditingSettingsModel model, ExtendedDatabaseBlobAuditingPolicy policy)
{
model.IsGlobalAuditEnabled = policy.State == BlobAuditingPolicyState.Enabled;
model.IsAzureMonitorTargetEnabled = policy.IsAzureMonitorTargetEnabled;
model.PredicateExpression = policy.PredicateExpression;
ModelizeAuditActionGroups(model, policy.AuditActionsAndGroups);
ModelizeAuditActions(model, policy.AuditActionsAndGroups);
ModelizeStorageInfo(model, policy.StorageEndpoint, policy.IsStorageSecondaryKeyInUse, policy.StorageAccountSubscriptionId);
ModelizeRetentionInfo(model, policy.RetentionDays);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseBlobAuditingPolicyV2(DatabaseBlobAuditingSettingsModel model, string storageEndpointSuffix)
{
if (!IsDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName))
{
throw new Exception(Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
}
var parameters = PolicizeBlobAuditingModel(model, storageEndpointSuffix);
Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, parameters);
}
private void ModelizeDatabaseAuditPolicy(BlobAuditingPolicy policy, DatabaseBlobAuditingSettingsModel dbPolicyModel)
{
var properties = policy.Properties;
dbPolicyModel.AuditState = ModelizeAuditState(properties.State);
ModelizeStorageInfo(dbPolicyModel, properties.StorageEndpoint, properties.IsStorageSecondaryKeyInUse);
ModelizeAuditActionGroups(dbPolicyModel, properties.AuditActionsAndGroups);
ModelizeAuditActions(dbPolicyModel, properties.AuditActionsAndGroups);
ModelizeRetentionInfo(dbPolicyModel, properties.RetentionDays);
}
/// <summary>
/// Provides a database audit policy model for the given database
/// </summary>
public void GetDatabaseBlobAuditingPolicyV2(string resourceGroup, string serverName, string databaseName, out DatabaseBlobAuditingSettingsModel model)
{
BlobAuditingPolicy policy;
model = new DatabaseBlobAuditingSettingsModel();
Communicator.GetDatabaseAuditingPolicy(resourceGroup, serverName, databaseName, out policy);
ModelizeDatabaseAuditPolicy(policy, model);
model.ResourceGroupName = resourceGroup;
model.ServerName = serverName;
model.DatabaseName = databaseName;
}
private void ModelizeAuditActions(DatabaseBlobAuditingSettingsModel policyModel, IEnumerable <string> auditActionsAndGroups)
{
var actions = new List <string>();
auditActionsAndGroups.ForEach(item =>
{
AuditActionGroups group;
if (!Enum.TryParse(item, true, out group))
{
actions.Add(item);
}
});
policyModel.AuditAction = actions.ToArray();
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override DatabaseBlobAuditingSettingsModel ApplyUserInputToModel(DatabaseBlobAuditingSettingsModel model)
{
base.ApplyUserInputToModel(model);
model.AuditState = State == SecurityConstants.Enabled ? AuditStateType.Enabled : AuditStateType.Disabled;
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (MyInvocation.BoundParameters.ContainsKey(SecurityConstants.StorageKeyType))
{
// the user enter a key type - we use it (and override the previously defined key type)
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary)
? StorageKeyKind.Primary
: StorageKeyKind.Secondary;
}
if (AuditActionGroup != null)
{
model.AuditActionGroup = AuditActionGroup;
}
if (AuditAction != null)
{
model.AuditAction = AuditAction;
}
if (!StorageAccountSubscriptionId.Equals(Guid.Empty))
{
model.StorageAccountSubscriptionId = StorageAccountSubscriptionId;
}
else if (StorageAccountName != null)
{
model.StorageAccountSubscriptionId = Guid.Parse(DefaultProfile.DefaultContext.Subscription.Id);
}
if (PredicateExpression != null)
{
model.PredicateExpression = PredicateExpression;
}
return(model);
}
internal void GetAuditingSettings(
string resourceGroup, string serverName, string databaseName,
DatabaseBlobAuditingSettingsModel model)
{
ExtendedDatabaseBlobAuditingPolicy policy = Communicator.GetAuditingPolicy(resourceGroup, serverName, databaseName);
ModelizeDatabaseAuditPolicy(model, policy);
if (model is DatabaseDiagnosticAuditingSettingsModel diagnosticModel)
{
diagnosticModel.DiagnosticsEnablingAuditCategory =
Communicator.GetDiagnosticsEnablingAuditCategory(out string nextDiagnosticSettingsName,
resourceGroup, serverName, databaseName);
diagnosticModel.NextDiagnosticSettingsName = nextDiagnosticSettingsName;
}
model.DetermineAuditState();
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseBlobAuditingPolicyV2(DatabaseBlobAuditingSettingsModel model, string storageEndpointSuffix)
{
if (!IsDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName))
{
throw new Exception(Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
}
if (string.IsNullOrEmpty(model.PredicateExpression))
{
var policy = new Management.Sql.Models.DatabaseBlobAuditingPolicy();
PolicizeBlobAuditingModel(model, storageEndpointSuffix, policy);
Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy);
}
else
{
var policy = new Management.Sql.Models.ExtendedDatabaseBlobAuditingPolicy
{
PredicateExpression = model.PredicateExpression
};
PolicizeBlobAuditingModel(model, storageEndpointSuffix, policy);
Communicator.SetExtendedDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy);
}
}
public bool SetAuditingPolicy(DatabaseBlobAuditingSettingsModel model)
{
if (!IsDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName))
{
throw new Exception(Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
}
if (string.IsNullOrEmpty(model.PredicateExpression))
{
DatabaseBlobAuditingPolicy policy = new DatabaseBlobAuditingPolicy();
PolicizeAuditingSettingsModel(model, policy);
return(Communicator.SetAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
}
else
{
ExtendedDatabaseBlobAuditingPolicy policy = new ExtendedDatabaseBlobAuditingPolicy
{
PredicateExpression = model.PredicateExpression
};
PolicizeAuditingSettingsModel(model, policy);
return(Communicator.SetExtendedAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
}
}
/// <summary>
/// This method is responsible to call the right API in the communication layer that will eventually send the information in the
/// object to the REST endpoint
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override DatabaseBlobAuditingSettingsModel PersistChanges(DatabaseBlobAuditingSettingsModel model)
{
model.PersistChanges(ModelAdapter);
return(null);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override DatabaseBlobAuditingSettingsModel ApplyUserInputToModel(DatabaseBlobAuditingSettingsModel model)
{
base.ApplyUserInputToModel(model);
model.AuditState = State == SecurityConstants.Enabled ? AuditStateType.Enabled : AuditStateType.Disabled;
if (AuditActionGroup != null)
{
model.AuditActionGroup = AuditActionGroup;
}
if (AuditAction != null)
{
model.AuditAction = AuditAction;
}
if (PredicateExpression != null)
{
model.PredicateExpression = PredicateExpression;
}
if (ParameterSetName == DefinitionsCommon.BlobStorageParameterSetName ||
ParameterSetName == DefinitionsCommon.StorageAccountSubscriptionIdParameterSetName ||
ParameterSetName == DefinitionsCommon.BlobStorageByParentResourceParameterSetName ||
ParameterSetName == DefinitionsCommon.StorageAccountSubscriptionIdByParentResourceParameterSetName)
{
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (MyInvocation.BoundParameters.ContainsKey(SecurityConstants.StorageKeyType))
{
// the user enter a key type - we use it (and override the previously defined key type)
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary)
? StorageKeyKind.Primary
: StorageKeyKind.Secondary;
}
if (!StorageAccountSubscriptionId.Equals(Guid.Empty))
{
model.StorageAccountSubscriptionId = StorageAccountSubscriptionId;
}
else if (StorageAccountName != null)
{
model.StorageAccountSubscriptionId = Guid.Parse(DefaultProfile.DefaultContext.Subscription.Id);
}
}
else if (ParameterSetName == DefinitionsCommon.EventHubParameterSetName ||
ParameterSetName == DefinitionsCommon.EventHubByParentResourceParameterSetName)
{
DatabsaeEventHubAuditingSettingsModel eventHubModel = model as DatabsaeEventHubAuditingSettingsModel;
if (EventHubName != null)
{
eventHubModel.EventHubName = EventHubName;
}
if (EventHubAuthorizationRuleResourceId != null)
{
eventHubModel.EventHubAuthorizationRuleResourceId = EventHubAuthorizationRuleResourceId;
}
}
else if (ParameterSetName == DefinitionsCommon.LogAnalyticsParameterSetName ||
ParameterSetName == DefinitionsCommon.LogAnalyticsByParentResourceParameterSetName)
{
DatabaseLogAnalyticsAuditingSettingsModel logAnalyticsModel = model as DatabaseLogAnalyticsAuditingSettingsModel;
if (WorkspaceResourceId != null)
{
logAnalyticsModel.WorkspaceResourceId = WorkspaceResourceId;
}
}
return(model);
}
private void ModelizeDatabaseAuditPolicy(Management.Sql.Models.ExtendedDatabaseBlobAuditingPolicy policy, DatabaseBlobAuditingSettingsModel dbPolicyModel)
{
dbPolicyModel.AuditState = ModelizeAuditState(policy.State.ToString());
ModelizeStorageInfo(dbPolicyModel, policy.StorageEndpoint, policy.IsStorageSecondaryKeyInUse, policy.StorageAccountSubscriptionId);
ModelizeAuditActionGroups(dbPolicyModel, policy.AuditActionsAndGroups);
ModelizeAuditActions(dbPolicyModel, policy.AuditActionsAndGroups);
ModelizeRetentionInfo(dbPolicyModel, policy.RetentionDays);
dbPolicyModel.PredicateExpression = policy.PredicateExpression;
}
/// <summary>
/// Provides a database audit policy model for the given database
/// </summary>
internal void GetDatabaseBlobAuditingPolicy(string resourceGroup, string serverName, string databaseName, DatabaseBlobAuditingSettingsModel model)
{
Management.Sql.Models.ExtendedDatabaseBlobAuditingPolicy policy;
Communicator.GetExtendedDatabaseAuditingPolicy(resourceGroup, serverName, databaseName, out policy);
ModelizeDatabaseAuditPolicy(policy, model);
model.ResourceGroupName = resourceGroup;
model.ServerName = serverName;
model.DatabaseName = databaseName;
}