/// <summary>
/// Applies this cmdlet's settings to the auditing policy model: the database is pointed at
/// the server default policy and the storage account name is taken from
/// <c>GetStorageAccountName()</c>.
/// </summary>
/// <param name="model">The policy model to update; it is modified in place.</param>
/// <returns>The same <paramref name="model"/> instance, after the update.</returns>
protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
{
    // The base implementation runs first; its return value is not used here.
    base.ApplyUserInputToModel(model);

    // Order kept as in the original: the flag is set before the storage account lookup runs.
    model.UseServerDefault = UseServerDefaultOptions.Enabled;
    model.StorageAccountName = GetStorageAccountName();

    return model;
}
/// <summary>
/// Applies the user's cmdlet parameters to the auditing policy model. Auditing is switched to
/// Enabled and the server default policy to Disabled; each optional parameter the user
/// supplied replaces the matching value already held by the model.
/// </summary>
/// <param name="model">The policy model to update; it is modified in place.</param>
/// <returns>The same <paramref name="model"/> instance, after the update.</returns>
/// <exception cref="Exception">
/// Thrown when no table identifier was supplied, the policy was in the <c>New</c> state before
/// this call, and the model's retention is greater than zero.
/// </exception>
protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
{
    base.ApplyUserInputToModel(model);

    // Capture the state before it is forced to Enabled; the retention check below depends on it.
    AuditStateType previousState = model.AuditState;
    model.AuditState = AuditStateType.Enabled;
    model.UseServerDefault = UseServerDefaultOptions.Disabled;

    if (StorageAccountName != null)
    {
        model.StorageAccountName = StorageAccountName;
    }

    // A key type entered by the user overrides the one already stored in the model.
    // Any non-empty value other than SecurityConstants.Primary selects the secondary key.
    if (!string.IsNullOrEmpty(StorageKeyType))
    {
        if (StorageKeyType == SecurityConstants.Primary)
        {
            model.StorageKeyType = StorageKeyKind.Primary;
        }
        else
        {
            model.StorageKeyType = StorageKeyKind.Secondary;
        }
    }

    // The cmdlet's own EventType property is replaced by the processed list before it is used.
    EventType = Util.ProcessAuditEvents(EventType);
    if (EventType != null)
    {
        // Each name is looked up in the mapping table; a name missing from the table makes the
        // indexer throw, so the names are presumably validated earlier (confirm at the parameter).
        model.EventType = (from eventName in EventType
                           select SecurityConstants.AuditEventsToAuditEventType[eventName]).ToArray();
    }

    if (RetentionInDays != null)
    {
        model.RetentionInDays = RetentionInDays;
    }

    if (TableIdentifier != null)
    {
        model.TableIdentifier = TableIdentifier;
    }
    else if ((previousState == AuditStateType.New) && (model.RetentionInDays > 0))
    {
        // Retention is requested on a new policy without a table identifier: fail and include
        // the table identifier already present in the model as a hint for the user.
        throw new Exception(string.Format(Resources.InvalidRetentionTypeSet, model.TableIdentifier));
    }

    if (Util.DeprecatedEventTypeFound(EventType))
    {
        WriteWarning(string.Format(Resources.DeprecatedEventTypeUsed));
    }

    return model;
}
/// <summary>
/// Converts the cmdlet's auditing policy model into the create-or-update parameters that are
/// sent to the endpoint.
/// </summary>
/// <param name="model">The auditing policy model to convert.</param>
/// <returns>The communication object, with its <c>Properties</c> filled from the model.</returns>
/// <remarks>
/// Both the primary and the secondary storage account key are requested and stored on the
/// returned properties, so the result presumably carries key material and should be kept out
/// of logs and verbose output.
/// </remarks>
private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model)
{
    var properties = new DatabaseAuditingPolicyProperties();

    properties.AuditingState = PolicizeAuditState(model.AuditState);

    if (model.UseServerDefault == UseServerDefaultOptions.Enabled)
    {
        properties.UseServerDefault = SecurityConstants.AuditingEndpoint.Enabled;
    }
    else
    {
        properties.UseServerDefault = SecurityConstants.AuditingEndpoint.Disabled;
    }

    // The storage account name must be resolved first: every lookup below is keyed on it.
    properties.StorageAccountName = ExtractStorageAccountName(model);
    properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
    properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
    properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);

    // The key lookups also need the resource group resolved just above.
    properties.StorageAccountKey = ExtractStorageAccountKey(
        properties.StorageAccountName,
        model,
        properties.StorageAccountResourceGroupName,
        StorageKeyKind.Primary);
    properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(
        properties.StorageAccountName,
        model,
        properties.StorageAccountResourceGroupName,
        StorageKeyKind.Secondary);

    properties.EventTypesToAudit = ExtractEventTypes(model);
    properties.RetentionDays = model.RetentionInDays.ToString();
    properties.AuditLogsTableName = model.TableIdentifier;

    var updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
    updateParameters.Properties = properties;
    return updateParameters;
}
/// <summary>
/// Fetches the database and reports whether its edition is one of the editions accepted for
/// this policy.
/// </summary>
/// <param name="model">Supplies the resource group, server and database names for the lookup.</param>
/// <param name="clientId">Passed through to the database communicator's <c>Get</c> call.</param>
/// <returns>
/// <c>true</c> when the edition is Basic, Standard, Premium or DataWarehouse; otherwise <c>false</c>.
/// </returns>
private bool IsDatabaseInServiceTierForPolicy(DatabaseAuditingPolicyModel model, string clientId)
{
    var dbCommunicator = new AzureSqlDatabaseCommunicator(Profile, Subscription);
    Management.Sql.Models.Database database = dbCommunicator.Get(
        model.ResourceGroupName,
        model.ServerName,
        model.DatabaseName,
        clientId);

    // Case-insensitive parse of the edition string. The return value of TryParse is not checked:
    // on failure the out value is default(DatabaseEdition), which is expected to fall outside the
    // accepted set below so that an unrecognised edition is rejected (TODO confirm enum layout).
    DatabaseEdition edition = DatabaseEdition.None;
    Enum.TryParse<DatabaseEdition>(database.Properties.Edition, true, out edition);

    return edition == DatabaseEdition.Basic
        || edition == DatabaseEdition.Standard
        || edition == DatabaseEdition.Premium
        || edition == DatabaseEdition.DataWarehouse;
}
/// <summary>
/// Converts the model to the structure the endpoint accepts and sends it, after checking that
/// the database is in a service tier that supports the policy.
/// </summary>
/// <param name="model">The auditing policy model to send.</param>
/// <param name="clientId">Passed through to the tier check and to the communicator.</param>
/// <exception cref="Exception">
/// Thrown when <c>IsDatabaseInServiceTierForPolicy</c> returns <c>false</c>; nothing is sent in that case.
/// </exception>
public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId)
{
    bool tierSupportsPolicy = IsDatabaseInServiceTierForPolicy(model, clientId);
    if (!tierSupportsPolicy)
    {
        throw new Exception(Resources.DatabaseNotInServiceTierForAuditingPolicy);
    }

    // The conversion runs only after the tier check has passed.
    DatabaseAuditingPolicyCreateOrUpdateParameters request = PolicizeDatabaseAuditingModel(model);
    Communicator.SetDatabaseAuditingPolicy(
        model.ResourceGroupName,
        model.ServerName,
        model.DatabaseName,
        clientId,
        request);
}
/// <summary>
/// Converts a database auditing policy received from the endpoint into the cmdlet's model
/// representation.
/// </summary>
/// <param name="policy">The policy object; its <c>Properties</c> are read.</param>
/// <returns>A new model populated from the policy's properties.</returns>
private DatabaseAuditingPolicyModel ModelizeDatabaseAuditPolicy(DatabaseAuditingPolicy policy)
{
    var result = new DatabaseAuditingPolicyModel();
    DatabaseAuditingPolicyProperties source = policy.Properties;

    result.AuditState = ModelizeAuditState(source.AuditingState);

    // Any endpoint value other than the "enabled" constant is treated as Disabled.
    if (source.UseServerDefault == SecurityConstants.AuditingEndpoint.Enabled)
    {
        result.UseServerDefault = UseServerDefaultOptions.Enabled;
    }
    else
    {
        result.UseServerDefault = UseServerDefaultOptions.Disabled;
    }

    // Both storage account key values are handed to the storage helper; what it keeps on the
    // model is decided there (see ModelizeStorageInfo).
    ModelizeStorageInfo(
        result,
        source.StorageAccountName,
        source.StorageAccountKey,
        source.StorageAccountSecondaryKey);
    ModelizeEventTypesInfo(result, source.EventTypesToAudit);
    ModelizeRetentionInfo(result, source.RetentionDays, source.AuditLogsTableName);

    return result;
}
/// <summary>
/// Sends the model through the base implementation, which calls the communication layer API
/// that delivers it to the REST endpoint, with the adapter's <c>IgnoreStorage</c> flag turned on.
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoint.</param>
/// <returns>Always <c>null</c>; the result of the base call is discarded.</returns>
protected override DatabaseAuditingPolicyModel PersistChanges(DatabaseAuditingPolicyModel model)
{
    // The flag has to be set before the base call so that it is in effect while the model is sent.
    // NOTE(review): presumably it makes the adapter skip storage account details - confirm in ModelAdapter.
    ModelAdapter.IgnoreStorage = true;

    base.PersistChanges(model);

    return null;
}
/// <summary>
/// Applies this cmdlet's operation to the auditing policy model: the audit state is set to
/// Disabled.
/// </summary>
/// <param name="model">The policy model to update; it is modified in place.</param>
/// <returns>The same <paramref name="model"/> instance, after the update.</returns>
protected override DatabaseAuditingPolicyModel ApplyUserInputToModel(DatabaseAuditingPolicyModel model)
{
    // The base implementation runs first; its return value is not used here.
    base.ApplyUserInputToModel(model);

    // The state is forced to Disabled whatever the model held before; no other field is changed here.
    model.AuditState = AuditStateType.Disabled;

    return model;
}
/// <summary>
/// Converts the model to the structure the endpoint accepts and sends it through the
/// communicator. No precondition is checked in this method; the model is converted and sent as is.
/// </summary>
/// <param name="model">The auditing policy model to send.</param>
/// <param name="clientId">Passed through to the communicator.</param>
public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId)
{
    DatabaseAuditingPolicyCreateOrUpdateParameters request = PolicizeDatabaseAuditingModel(model);

    Communicator.SetDatabaseAuditingPolicy(
        model.ResourceGroupName,
        model.ServerName,
        model.DatabaseName,
        clientId,
        request);
}
/// <summary>
/// Does nothing: this is a Get cmdlet, so there is no change to send to the endpoint.
/// </summary>
/// <param name="model">The model object; it is not read or modified.</param>
/// <returns>Always <c>null</c>.</returns>
protected override DatabaseAuditingPolicyModel PersistChanges(DatabaseAuditingPolicyModel model)
{
    // The base implementation is intentionally not called, so nothing is persisted.
    return null;
}