/// <summary>
/// The non-boilerplated test code of the APIs for managing the lifecycle of a given database's auditing policy. It is meant to be called with a name of an already existing database (and therefore already existing
/// server and resource group). This test does not create these resources and does not remove them.
/// </summary>
private void TestDatabaseAuditingAPIs(SqlManagementClient sqlClient, string resourceGroupName, Server server, Database database)
{
DatabaseAuditingPolicyGetResponse getDefaultDatabasePolicyResponse = sqlClient.AuditingPolicy.GetDatabasePolicy(resourceGroupName, server.Name, database.Name);
DatabaseAuditingPolicyProperties properties = getDefaultDatabasePolicyResponse.AuditingPolicy.Properties;
// Verify that the initial Get request contains the default policy.
TestUtilities.ValidateOperationResponse(getDefaultDatabasePolicyResponse, HttpStatusCode.OK);
VerifyDatabaseAuditingPolicyInformation(GetDefaultDatabaseAuditProperties(), properties);
// Modify the policy properties, send and receive, see it its still ok
ChangeDataBaseAuditPolicy(properties);
DatabaseAuditingPolicyCreateOrUpdateParameters updateParams =
new DatabaseAuditingPolicyCreateOrUpdateParameters {
Properties = properties
};
var updateResponse = sqlClient.AuditingPolicy.CreateOrUpdateDatebasePolicy(resourceGroupName, server.Name, database.Name, updateParams);
// Verify that the initial Get request contains the default policy.
TestUtilities.ValidateOperationResponse(updateResponse, HttpStatusCode.OK);
DatabaseAuditingPolicyGetResponse getUpdatedPolicyResponse = sqlClient.AuditingPolicy.GetDatabasePolicy(resourceGroupName, server.Name, database.Name);
DatabaseAuditingPolicyProperties updatedProperties = getUpdatedPolicyResponse.AuditingPolicy.Properties;
// Verify that the Get request contains the updated policy.
TestUtilities.ValidateOperationResponse(getUpdatedPolicyResponse, HttpStatusCode.OK);
VerifyDatabaseAuditingPolicyInformation(properties, updatedProperties);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId, string storageEndpointSuffix)
{
if (!IsDatabaseInServiceTierForPolicy(model, clientId))
{
throw new Exception(Microsoft.Azure.Commands.Sql.Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
}
DatabaseAuditingPolicyCreateOrUpdateParameters parameters = PolicizeDatabaseAuditingModel(model, storageEndpointSuffix);
Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId)
{
if (!IsDatabaseInServiceTierForPolicy(model, clientId))
{
throw new Exception(Resources.DatabaseNotInServiceTierForAuditingPolicy);
}
DatabaseAuditingPolicyCreateOrUpdateParameters parameters = PolicizeDatabaseAuditingModel(model);
Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="policy">The AuditingPolicy object</param>
/// <returns>The communication model object</returns>
private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model)
{
DatabaseAuditingPolicyCreateOrUpdateParameters updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
DatabaseAuditingPolicyProperties properties = new DatabaseAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? Constants.AuditingEndpoint.Enabled : Constants.AuditingEndpoint.Disabled;
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
return(updateParameters);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The AuditingPolicy model object</param>
/// <returns>The communication model object</returns>
private DatabaseAuditingPolicyCreateOrUpdateParameters PolicizeDatabaseAuditingModel(DatabaseAuditingPolicyModel model, string storageEndpointSuffix)
{
DatabaseAuditingPolicyCreateOrUpdateParameters updateParameters = new DatabaseAuditingPolicyCreateOrUpdateParameters();
DatabaseAuditingPolicyProperties properties = new DatabaseAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.UseServerDefault = (model.UseServerDefault == UseServerDefaultOptions.Enabled) ? SecurityConstants.AuditingEndpoint.Enabled : SecurityConstants.AuditingEndpoint.Disabled;
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName, storageEndpointSuffix);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
properties.RetentionDays = model.RetentionInDays.ToString();
properties.AuditLogsTableName = model.TableIdentifier;
return updateParameters;
}
/// <summary>
/// Calls the set audit APIs for the database auditing policy for the given database in the given database server in the given resource group
/// </summary>
public void SetDatabaseAuditingPolicy(string resourceGroupName, string serverName, string databaseName, string clientRequestId, DatabaseAuditingPolicyCreateOrUpdateParameters parameters)
{
IAuditingPolicyOperations operations = GetCurrentSqlClient(clientRequestId).AuditingPolicy;
operations.CreateOrUpdateDatabasePolicy(resourceGroupName, serverName, databaseName, parameters);
}
/// <summary>
/// Creates or updates an Azure SQL Database auditing policy.
/// </summary>
/// <param name='operations'>
/// Reference to the
/// Microsoft.Azure.Management.Sql.IAuditingPolicyOperations.
/// </param>
/// <param name='resourceGroupName'>
/// Required. The name of the Resource Group to which the server
/// belongs.
/// </param>
/// <param name='serverName'>
/// Required. The name of the Azure SQL Database Server on which the
/// database is hosted.
/// </param>
/// <param name='databaseName'>
/// Required. The name of the Azure SQL Database for which the auditing
/// policy applies.
/// </param>
/// <param name='parameters'>
/// Required. The required parameters for createing or updating a Azure
/// SQL Database auditing policy.
/// </param>
/// <returns>
/// A standard service response including an HTTP status code and
/// request ID.
/// </returns>
public static AzureOperationResponse CreateOrUpdateDatabasePolicy(this IAuditingPolicyOperations operations, string resourceGroupName, string serverName, string databaseName, DatabaseAuditingPolicyCreateOrUpdateParameters parameters)
{
return(Task.Factory.StartNew((object s) =>
{
return ((IAuditingPolicyOperations)s).CreateOrUpdateDatabasePolicyAsync(resourceGroupName, serverName, databaseName, parameters);
}
, operations, CancellationToken.None, TaskCreationOptions.None, TaskScheduler.Default).Unwrap().GetAwaiter().GetResult());
}
/// <summary>
/// Creates or updates an Azure SQL Database auditing policy.
/// </summary>
/// <param name='operations'>
/// Reference to the
/// Microsoft.Azure.Management.Sql.IAuditingPolicyOperations.
/// </param>
/// <param name='resourceGroupName'>
/// Required. The name of the Resource Group to which the server
/// belongs.
/// </param>
/// <param name='serverName'>
/// Required. The name of the Azure SQL Database Server on which the
/// database is hosted.
/// </param>
/// <param name='databaseName'>
/// Required. The name of the Azure SQL Database for which the auditing
/// policy applies.
/// </param>
/// <param name='parameters'>
/// Required. The required parameters for createing or updating a Azure
/// SQL Database auditing policy.
/// </param>
/// <returns>
/// A standard service response including an HTTP status code and
/// request ID.
/// </returns>
public static Task <AzureOperationResponse> CreateOrUpdateDatabasePolicyAsync(this IAuditingPolicyOperations operations, string resourceGroupName, string serverName, string databaseName, DatabaseAuditingPolicyCreateOrUpdateParameters parameters)
{
return(operations.CreateOrUpdateDatabasePolicyAsync(resourceGroupName, serverName, databaseName, parameters, CancellationToken.None));
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseAuditingPolicy(DatabaseAuditingPolicyModel model, String clientId)
{
DatabaseAuditingPolicyCreateOrUpdateParameters parameters = PolicizeDatabaseAuditingModel(model);
Communicator.SetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, parameters);
}
