public static PSSecurityAssessment ConvertToPSType(this SecurityAssessment value) { return(new PSSecurityAssessment() { Id = value.Id, Name = value.Name, DisplayName = value.DisplayName, ResourceDetails = value.ResourceDetails.ConvertToPSType(), Status = value.Status.ConvertToPSType() }); }
public override void ExecuteCmdlet() { if (ShouldProcess(Name, VerbsCommon.Set)) { var status = new AssessmentStatus(StatusCode, StatusCause, StatusDescription); var resourceDetails = new AzureResourceDetails(); var assesssment = new SecurityAssessment(resourceDetails: resourceDetails, status: status, additionalData: AdditionalData); var result = SecurityCenterClient.Assessments.CreateOrUpdateWithHttpMessagesAsync(AssessedResourceId ?? $"/subscriptions/{DefaultContext.Subscription.Id}", Name, assesssment).GetAwaiter().GetResult().Body; WriteObject(result.ConvertToPSType(), enumerateCollection: true); } }
internal static string ToSerializedValue(this SecurityAssessment value) { switch (value) { case SecurityAssessment.Low: return("Low"); case SecurityAssessment.Medium: return("Medium"); case SecurityAssessment.High: return("High"); } return(null); }
public void Assessments_CreateOrUpdate_ResourceGroup_Scope() { string resourceId = $"/subscriptions/{SubscriptionId}/resourceGroups/myService1/providers/Microsoft.OperationalInsights/workspaces/TestServiceWS"; string assessmentName = "9b0c3939-c9db-4ffc-ad4b-4673ff25cdd8"; // randomly generated guid using (var context = MockContext.Start(this.GetType())) { var securityCenterClient = GetSecurityCenterClient(context); var securityAssessment = new SecurityAssessment() { ResourceDetails = new AzureResourceDetails() { }, Status = new AssessmentStatus() { Code = AssessmentStatusCode.Healthy, Description = "NA", Cause = "NA" } }; var assessmentMetadata = new SecurityAssessmentMetadata() { DisplayName = "Customer managed metadata", Description = "Customer managed description", AssessmentType = AssessmentType.CustomerManaged, Severity = Severity.Low }; // Assessment metadata must be created prior to creating assessments securityCenterClient.AssessmentsMetadata.CreateInSubscription(assessmentName, assessmentMetadata); var ret = securityCenterClient.Assessments.CreateOrUpdate(resourceId, assessmentName, securityAssessment); ValidateResourceDetails(ret); } }
/// <summary> /// Create a security assessment on your resource. An assessment metadata that /// describes this assessment must be predefined with the same name before /// inserting the assessment result /// </summary> /// <param name='resourceId'> /// The identifier of the resource. /// </param> /// <param name='assessmentName'> /// The Assessment Key - Unique key for the assessment type /// </param> /// <param name='assessment'> /// Calculated assessment on a pre-defined assessment metadata /// </param> /// <param name='customHeaders'> /// Headers that will be added to request. /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> /// <exception cref="CloudException"> /// Thrown when the operation returned an invalid status code /// </exception> /// <exception cref="SerializationException"> /// Thrown when unable to deserialize the response /// </exception> /// <exception cref="ValidationException"> /// Thrown when a required parameter is null /// </exception> /// <exception cref="System.ArgumentNullException"> /// Thrown when a required parameter is null /// </exception> /// <return> /// A response object containing the response body and response headers. /// </return> public async Task <AzureOperationResponse <SecurityAssessment> > CreateOrUpdateWithHttpMessagesAsync(string resourceId, string assessmentName, SecurityAssessment assessment, Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken)) { if (resourceId == null) { throw new ValidationException(ValidationRules.CannotBeNull, "resourceId"); } if (assessmentName == null) { throw new ValidationException(ValidationRules.CannotBeNull, "assessmentName"); } if (assessment == null) { throw new ValidationException(ValidationRules.CannotBeNull, "assessment"); } if (assessment != null) { assessment.Validate(); } string apiVersion = "2020-01-01"; // Tracing bool _shouldTrace = ServiceClientTracing.IsEnabled; string _invocationId = null; if (_shouldTrace) { _invocationId = ServiceClientTracing.NextInvocationId.ToString(); Dictionary <string, object> tracingParameters = new Dictionary <string, object>(); tracingParameters.Add("apiVersion", apiVersion); tracingParameters.Add("resourceId", resourceId); tracingParameters.Add("assessmentName", assessmentName); tracingParameters.Add("assessment", assessment); tracingParameters.Add("cancellationToken", cancellationToken); ServiceClientTracing.Enter(_invocationId, this, "CreateOrUpdate", tracingParameters); } // Construct URL var _baseUrl = Client.BaseUri.AbsoluteUri; var _url = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}").ToString(); _url = _url.Replace("{resourceId}", System.Uri.EscapeDataString(resourceId)); _url = _url.Replace("{assessmentName}", System.Uri.EscapeDataString(assessmentName)); List <string> _queryParameters = new List <string>(); if (apiVersion != null) { _queryParameters.Add(string.Format("api-version={0}", System.Uri.EscapeDataString(apiVersion))); } if (_queryParameters.Count > 0) { _url += (_url.Contains("?") ? "&" : "?") + string.Join("&", _queryParameters); } // Create HTTP transport objects var _httpRequest = new HttpRequestMessage(); HttpResponseMessage _httpResponse = null; _httpRequest.Method = new HttpMethod("PUT"); _httpRequest.RequestUri = new System.Uri(_url); // Set Headers if (Client.GenerateClientRequestId != null && Client.GenerateClientRequestId.Value) { _httpRequest.Headers.TryAddWithoutValidation("x-ms-client-request-id", System.Guid.NewGuid().ToString()); } if (Client.AcceptLanguage != null) { if (_httpRequest.Headers.Contains("accept-language")) { _httpRequest.Headers.Remove("accept-language"); } _httpRequest.Headers.TryAddWithoutValidation("accept-language", Client.AcceptLanguage); } if (customHeaders != null) { foreach (var _header in customHeaders) { if (_httpRequest.Headers.Contains(_header.Key)) { _httpRequest.Headers.Remove(_header.Key); } _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value); } } // Serialize Request string _requestContent = null; if (assessment != null) { _requestContent = Rest.Serialization.SafeJsonConvert.SerializeObject(assessment, Client.SerializationSettings); _httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8); _httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8"); } // Set Credentials if (Client.Credentials != null) { cancellationToken.ThrowIfCancellationRequested(); await Client.Credentials.ProcessHttpRequestAsync(_httpRequest, cancellationToken).ConfigureAwait(false); } // Send Request if (_shouldTrace) { ServiceClientTracing.SendRequest(_invocationId, _httpRequest); } cancellationToken.ThrowIfCancellationRequested(); _httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false); if (_shouldTrace) { ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse); } HttpStatusCode _statusCode = _httpResponse.StatusCode; cancellationToken.ThrowIfCancellationRequested(); string _responseContent = null; if ((int)_statusCode != 200 && (int)_statusCode != 201) { var ex = new CloudException(string.Format("Operation returned an invalid status code '{0}'", _statusCode)); try { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); CloudError _errorBody = Rest.Serialization.SafeJsonConvert.DeserializeObject <CloudError>(_responseContent, Client.DeserializationSettings); if (_errorBody != null) { ex = new CloudException(_errorBody.Message); ex.Body = _errorBody; } } catch (JsonException) { // Ignore the exception } ex.Request = new HttpRequestMessageWrapper(_httpRequest, _requestContent); ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent); if (_httpResponse.Headers.Contains("x-ms-request-id")) { ex.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault(); } if (_shouldTrace) { ServiceClientTracing.Error(_invocationId, ex); } _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw ex; } // Create Result var _result = new AzureOperationResponse <SecurityAssessment>(); _result.Request = _httpRequest; _result.Response = _httpResponse; if (_httpResponse.Headers.Contains("x-ms-request-id")) { _result.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault(); } // Deserialize Response if ((int)_statusCode == 200) { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); try { _result.Body = Rest.Serialization.SafeJsonConvert.DeserializeObject <SecurityAssessment>(_responseContent, Client.DeserializationSettings); } catch (JsonException ex) { _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw new SerializationException("Unable to deserialize the response.", _responseContent, ex); } } // Deserialize Response if ((int)_statusCode == 201) { _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false); try { _result.Body = Rest.Serialization.SafeJsonConvert.DeserializeObject <SecurityAssessment>(_responseContent, Client.DeserializationSettings); } catch (JsonException ex) { _httpRequest.Dispose(); if (_httpResponse != null) { _httpResponse.Dispose(); } throw new SerializationException("Unable to deserialize the response.", _responseContent, ex); } } if (_shouldTrace) { ServiceClientTracing.Exit(_invocationId, _result); } return(_result); }
/// <summary> /// For each of the supported 'ResourceDetails' types, validates that the 'ResourceDetails' is at least one of them: /// assignable means not null: serialization \ deserialization was successful /// </summary> /// <param name="item"></param> private static void ValidateResourceDetails(SecurityAssessment item) { Assert.NotNull(item); ValidateResourceDetails(item.ResourceDetails); }
/// <summary> /// Create a security assessment on your resource. An assessment metadata that /// describes this assessment must be predefined with the same name before /// inserting the assessment result /// </summary> /// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='resourceId'> /// The identifier of the resource. /// </param> /// <param name='assessmentName'> /// The Assessment Key - Unique key for the assessment type /// </param> /// <param name='assessment'> /// Calculated assessment on a pre-defined assessment metadata /// </param> /// <param name='cancellationToken'> /// The cancellation token. /// </param> public static async Task <SecurityAssessment> CreateOrUpdateAsync(this IAssessmentsOperations operations, string resourceId, string assessmentName, SecurityAssessment assessment, CancellationToken cancellationToken = default(CancellationToken)) { using (var _result = await operations.CreateOrUpdateWithHttpMessagesAsync(resourceId, assessmentName, assessment, null, cancellationToken).ConfigureAwait(false)) { return(_result.Body); } }
/// <summary> /// Create a security assessment on your resource. An assessment metadata that /// describes this assessment must be predefined with the same name before /// inserting the assessment result /// </summary> /// <param name='operations'> /// The operations group for this extension method. /// </param> /// <param name='resourceId'> /// The identifier of the resource. /// </param> /// <param name='assessmentName'> /// The Assessment Key - Unique key for the assessment type /// </param> /// <param name='assessment'> /// Calculated assessment on a pre-defined assessment metadata /// </param> public static SecurityAssessment CreateOrUpdate(this IAssessmentsOperations operations, string resourceId, string assessmentName, SecurityAssessment assessment) { return(operations.CreateOrUpdateAsync(resourceId, assessmentName, assessment).GetAwaiter().GetResult()); }