/// <summary> /// Provides a managed instance Advanced Data Security policy model for the given managed instance /// </summary> public ManagedInstanceAdvancedDataSecurityPolicyModel GetManagedInstanceAdvancedDataSecurityPolicy(string resourceGroup, string managedInstanceName) { // Currently Advanced Threat Protection policy is a TD policy until the backend will support Advanced Threat Protection APIs var threatDetectionPolicy = SqlThreatDetectionAdapter.GetManagedInstanceThreatDetectionPolicy(resourceGroup, managedInstanceName); var managedInstanceAdvancedDataSecurityPolicy = new ManagedInstanceAdvancedDataSecurityPolicyModel() { ResourceGroupName = resourceGroup, ManagedInstanceName = managedInstanceName, IsEnabled = (threatDetectionPolicy.ThreatDetectionState == ThreatDetectionStateType.Enabled) }; return(managedInstanceAdvancedDataSecurityPolicy); }
/// <summary> /// This method is responsible to call the right API in the communication layer that will eventually send the information in the /// object to the REST endpoint /// </summary> /// <param name="model">The model object with the data to be sent to the REST endpoints</param> protected override ManagedInstanceAdvancedDataSecurityPolicyModel PersistChanges(ManagedInstanceAdvancedDataSecurityPolicyModel model) { model.IsEnabled = false; ModelAdapter.SetManagedInstanceAdvancedDataSecurity(model); return(model); }
/// <summary> /// Sets a managed instance Advanced Threat Protection policy model for the given managed instance /// </summary> public ManagedInstanceAdvancedDataSecurityPolicyModel SetManagedInstanceAdvancedThreatProtection(ManagedInstanceAdvancedDataSecurityPolicyModel model) { // Currently Advanced Threat Protection policy is a TD policy until the backend will support Advanced Threat Protection APIs var threatDetectionPolicy = SqlThreatDetectionAdapter.GetManagedInstanceThreatDetectionPolicy(model.ResourceGroupName, model.ManagedInstanceName); threatDetectionPolicy.ThreatDetectionState = model.IsEnabled ? ThreatDetectionStateType.Enabled : ThreatDetectionStateType.Disabled; SqlThreatDetectionAdapter.SetManagedInstanceThreatDetectionPolicy(threatDetectionPolicy, AzureEnvironment.Endpoint.StorageEndpointSuffix); return(model); }
/// <summary> /// No sending is needed as this is a Get cmdlet /// </summary> /// <param name="model">The model object with the data to be sent to the REST endpoints</param> protected override ManagedInstanceAdvancedDataSecurityPolicyModel PersistChanges(ManagedInstanceAdvancedDataSecurityPolicyModel model) { return(model); }
/// <summary> /// Provides the model element that this cmdlet operates on /// </summary> /// <returns>A model object</returns> protected override ManagedInstanceAdvancedDataSecurityPolicyModel GetEntity() { ManagedInstanceAdvancedDataSecurityPolicyModel model = base.GetEntity(); return(ModelAdapter.GetManagedInstanceAdvancedDataSecurityPolicy(model.ResourceGroupName, model.ManagedInstanceName)); }
/// <summary> /// This method is responsible to call the right API in the communication layer that will eventually send the information in the /// object to the REST endpoint /// </summary> /// <param name="model">The model object with the data to be sent to the REST endpoints</param> protected override ManagedInstanceAdvancedDataSecurityPolicyModel PersistChanges(ManagedInstanceAdvancedDataSecurityPolicyModel model) { model.IsEnabled = false; ModelAdapter.SetManagedInstanceAdvancedDataSecurity(model, DefaultContext.Environment.GetEndpoint(AzureEnvironment.Endpoint.StorageEndpointSuffix)); return(model); }
/// <summary> /// This method is responsible to call the right API in the communication layer that will eventually send the information in the /// object to the REST endpoint /// </summary> /// <param name="model">The model object with the data to be sent to the REST endpoints</param> protected override ManagedInstanceAdvancedDataSecurityPolicyModel PersistChanges(ManagedInstanceAdvancedDataSecurityPolicyModel model) { model.IsEnabled = true; if (DoNotConfigureVulnerabilityAssessment) { ModelAdapter.SetManagedInstanceAdvancedDataSecurity(model); } else { // Deploy arm template to enable VA - only if VA at server level is not defined var vaAdapter = new SqlVulnerabilityAssessmentAdapter(DefaultContext); var vaModel = vaAdapter.GetVulnerabilityAssessmentSettings(ResourceGroupName, InstanceName, "", ApplyToType.ManagedInstance); if (string.IsNullOrEmpty(vaModel.StorageAccountName)) { var instanceAdapter = new AzureSqlManagedInstanceAdapter(DefaultContext); var instanceModel = instanceAdapter.GetManagedInstance(ResourceGroupName, InstanceName); ModelAdapter.EnableInstanceAdsWithVa(ResourceGroupName, InstanceName, instanceModel.Location, DeploymentName); } else { ModelAdapter.SetManagedInstanceAdvancedDataSecurity(model); } } return(model); }