public async void TestDatabaseBlobAuditingPolicy()
        {
            using (SqlManagementTestContext context = new SqlManagementTestContext(this))
            {
                ResourceGroup       resourceGroup = context.CreateResourceGroup();
                SqlManagementClient client        = context.GetClient <SqlManagementClient>();
                Server server = context.CreateServer(resourceGroup);

                Database database = client.Databases.CreateOrUpdate(resourceGroup.Name, server.Name, SqlManagementTestUtilities.GenerateName(DatabaseNamePrefix), new Database()
                {
                    Location = server.Location,
                });
                Assert.NotNull(database);

                StorageAccountInformation storageAccountInformation = await CreateStorageAccountAsync(context, resourceGroup);

                DatabaseBlobAuditingPolicy databasePolicy = new DatabaseBlobAuditingPolicy
                {
                    State                       = BlobAuditingPolicyState.Enabled,
                    StorageEndpoint             = storageAccountInformation.Endpoint,
                    StorageAccountAccessKey     = storageAccountInformation.PrimaryKey,
                    RetentionDays               = RetentionDays,
                    IsStorageSecondaryKeyInUse  = IsStorageSecondaryKeyInUse,
                    IsAzureMonitorTargetEnabled = true,
                    QueueDelayMs                = 1000
                };

                ExtendedDatabaseBlobAuditingPolicy extendedDatabasePolicy = new ExtendedDatabaseBlobAuditingPolicy
                {
                    State                       = BlobAuditingPolicyState.Enabled,
                    StorageEndpoint             = storageAccountInformation.Endpoint,
                    StorageAccountAccessKey     = storageAccountInformation.PrimaryKey,
                    RetentionDays               = RetentionDays,
                    IsStorageSecondaryKeyInUse  = IsStorageSecondaryKeyInUse,
                    PredicateExpression         = PredicateExpression,
                    IsAzureMonitorTargetEnabled = true,
                    QueueDelayMs                = 1000
                };

                DatabaseBlobAuditingPolicy databaseResultPolicy = await client.DatabaseBlobAuditingPolicies.CreateOrUpdateAsync(resourceGroup.Name, server.Name, database.Name, databasePolicy);

                VerifyDatabaseBlobAuditingPolicy(databasePolicy, databaseResultPolicy);
                databaseResultPolicy = await client.DatabaseBlobAuditingPolicies.GetAsync(resourceGroup.Name, server.Name, database.Name);

                VerifyDatabaseBlobAuditingPolicy(databasePolicy, databaseResultPolicy);

                ExtendedDatabaseBlobAuditingPolicy extendedDatabaseResultPolicy = await client.ExtendedDatabaseBlobAuditingPolicies.CreateOrUpdateAsync(resourceGroup.Name, server.Name, database.Name, extendedDatabasePolicy);

                VerifyExtendedDatabaseBlobAuditingPolicy(extendedDatabasePolicy, extendedDatabaseResultPolicy);
                extendedDatabaseResultPolicy = await client.ExtendedDatabaseBlobAuditingPolicies.GetAsync(resourceGroup.Name, server.Name, database.Name);

                VerifyExtendedDatabaseBlobAuditingPolicy(extendedDatabasePolicy, extendedDatabaseResultPolicy);

                await client.Databases.DeleteAsync(resourceGroup.Name, server.Name, database.Name);

                await client.Servers.DeleteAsync(resourceGroup.Name, server.Name);
                await DeleteStorageAccountAsync(context, resourceGroup.Name, storageAccountInformation.Name);
            }
        }
        public bool SetExtendedAuditingPolicy(string resourceGroupName, string serverName,
                                              string databaseName, ExtendedDatabaseBlobAuditingPolicy policy)
        {
            IExtendedDatabaseBlobAuditingPoliciesOperations operations = GetCurrentSqlClient().ExtendedDatabaseBlobAuditingPolicies;

            return(operations.CreateOrUpdateWithHttpMessagesAsync(resourceGroupName,
                                                                  serverName, databaseName, policy).Result.Response.IsSuccessStatusCode);
        }
 private void VerifyExtendedDatabaseBlobAuditingPolicy(ExtendedDatabaseBlobAuditingPolicy extendedDatabasePolicy, ExtendedDatabaseBlobAuditingPolicy extendedDatabaseResultPolicy)
 {
     Assert.Equal(extendedDatabaseResultPolicy.State, extendedDatabasePolicy.State);
     Assert.Equal(extendedDatabaseResultPolicy.StorageEndpoint, extendedDatabasePolicy.StorageEndpoint);
     Assert.Null(extendedDatabaseResultPolicy.StorageAccountAccessKey);
     Assert.Equal(extendedDatabaseResultPolicy.RetentionDays, extendedDatabasePolicy.RetentionDays);
     Assert.Equal(extendedDatabaseResultPolicy.IsStorageSecondaryKeyInUse, extendedDatabasePolicy.IsStorageSecondaryKeyInUse);
     Assert.Equal(extendedDatabaseResultPolicy.PredicateExpression, extendedDatabasePolicy.PredicateExpression);
 }
예제 #4
0
        internal void GetAuditingSettings(
            string resourceGroup, string serverName, string databaseName,
            DatabaseAuditModel model)
        {
            ExtendedDatabaseBlobAuditingPolicy policy = Communicator.GetAuditingPolicy(resourceGroup, serverName, databaseName);

            model.DiagnosticsEnablingAuditCategory =
                Communicator.GetDiagnosticsEnablingAuditCategory(out string nextDiagnosticSettingsName,
                                                                 resourceGroup, serverName, databaseName);
            model.NextDiagnosticSettingsName = nextDiagnosticSettingsName;
            ModelizeDatabaseAuditPolicy(model, policy);
        }
예제 #5
0
 private void ModelizeDatabaseAuditPolicy(
     DatabaseAuditModel model,
     ExtendedDatabaseBlobAuditingPolicy policy)
 {
     model.IsAzureMonitorTargetEnabled = policy.IsAzureMonitorTargetEnabled;
     model.PredicateExpression         = policy.PredicateExpression;
     model.AuditActionGroup            = ExtractAuditActionGroups(policy.AuditActionsAndGroups);
     model.AuditAction = ExtractAuditActions(policy.AuditActionsAndGroups);
     ModelizeStorageInfo(model, policy.StorageEndpoint, policy.IsStorageSecondaryKeyInUse, policy.StorageAccountSubscriptionId,
                         IsAuditEnabled(policy.State), policy.RetentionDays);
     DetermineTargetsState(model, policy.State);
 }
        private bool SetAudit(DatabaseAuditModel model)
        {
            ValidateDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName);

            if (string.IsNullOrEmpty(model.PredicateExpression))
            {
                DatabaseBlobAuditingPolicy policy = new DatabaseBlobAuditingPolicy();
                PolicizeAuditModel(model, policy);
                return(Communicator.SetAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
            }
            else
            {
                ExtendedDatabaseBlobAuditingPolicy policy = new ExtendedDatabaseBlobAuditingPolicy
                {
                    PredicateExpression = model.PredicateExpression
                };

                PolicizeAuditModel(model, policy);
                return(Communicator.SetExtendedAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
            }
        }
        public bool SetAuditingPolicy(DatabaseBlobAuditingSettingsModel model)
        {
            if (!IsDatabaseInServiceTierForPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName))
            {
                throw new Exception(Properties.Resources.DatabaseNotInServiceTierForAuditingPolicy);
            }

            if (string.IsNullOrEmpty(model.PredicateExpression))
            {
                DatabaseBlobAuditingPolicy policy = new DatabaseBlobAuditingPolicy();
                PolicizeAuditingSettingsModel(model, policy);
                return(Communicator.SetAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
            }
            else
            {
                ExtendedDatabaseBlobAuditingPolicy policy = new ExtendedDatabaseBlobAuditingPolicy
                {
                    PredicateExpression = model.PredicateExpression
                };

                PolicizeAuditingSettingsModel(model, policy);
                return(Communicator.SetExtendedAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, policy));
            }
        }
        /// <summary>
        /// Creates or updates an extended database's blob auditing policy.
        /// </summary>
        /// <param name='resourceGroupName'>
        /// The name of the resource group that contains the resource. You can obtain
        /// this value from the Azure Resource Manager API or the portal.
        /// </param>
        /// <param name='serverName'>
        /// The name of the server.
        /// </param>
        /// <param name='databaseName'>
        /// The name of the database.
        /// </param>
        /// <param name='parameters'>
        /// The extended database blob auditing policy.
        /// </param>
        /// <param name='customHeaders'>
        /// Headers that will be added to request.
        /// </param>
        /// <param name='cancellationToken'>
        /// The cancellation token.
        /// </param>
        /// <exception cref="CloudException">
        /// Thrown when the operation returned an invalid status code
        /// </exception>
        /// <exception cref="SerializationException">
        /// Thrown when unable to deserialize the response
        /// </exception>
        /// <exception cref="ValidationException">
        /// Thrown when a required parameter is null
        /// </exception>
        /// <exception cref="System.ArgumentNullException">
        /// Thrown when a required parameter is null
        /// </exception>
        /// <return>
        /// A response object containing the response body and response headers.
        /// </return>
        public async Task <AzureOperationResponse <ExtendedDatabaseBlobAuditingPolicy> > CreateOrUpdateWithHttpMessagesAsync(string resourceGroupName, string serverName, string databaseName, ExtendedDatabaseBlobAuditingPolicy parameters, Dictionary <string, List <string> > customHeaders = null, CancellationToken cancellationToken = default(CancellationToken))
        {
            if (resourceGroupName == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "resourceGroupName");
            }
            if (serverName == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "serverName");
            }
            if (databaseName == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "databaseName");
            }
            if (parameters == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "parameters");
            }
            if (parameters != null)
            {
                parameters.Validate();
            }
            if (Client.SubscriptionId == null)
            {
                throw new ValidationException(ValidationRules.CannotBeNull, "this.Client.SubscriptionId");
            }
            string blobAuditingPolicyName = "default";
            string apiVersion             = "2017-03-01-preview";
            // Tracing
            bool   _shouldTrace  = ServiceClientTracing.IsEnabled;
            string _invocationId = null;

            if (_shouldTrace)
            {
                _invocationId = ServiceClientTracing.NextInvocationId.ToString();
                Dictionary <string, object> tracingParameters = new Dictionary <string, object>();
                tracingParameters.Add("resourceGroupName", resourceGroupName);
                tracingParameters.Add("serverName", serverName);
                tracingParameters.Add("databaseName", databaseName);
                tracingParameters.Add("blobAuditingPolicyName", blobAuditingPolicyName);
                tracingParameters.Add("parameters", parameters);
                tracingParameters.Add("apiVersion", apiVersion);
                tracingParameters.Add("cancellationToken", cancellationToken);
                ServiceClientTracing.Enter(_invocationId, this, "CreateOrUpdate", tracingParameters);
            }
            // Construct URL
            var _baseUrl = Client.BaseUri.AbsoluteUri;
            var _url     = new System.Uri(new System.Uri(_baseUrl + (_baseUrl.EndsWith("/") ? "" : "/")), "subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/extendedAuditingSettings/{blobAuditingPolicyName}").ToString();

            _url = _url.Replace("{resourceGroupName}", System.Uri.EscapeDataString(resourceGroupName));
            _url = _url.Replace("{serverName}", System.Uri.EscapeDataString(serverName));
            _url = _url.Replace("{databaseName}", System.Uri.EscapeDataString(databaseName));
            _url = _url.Replace("{blobAuditingPolicyName}", System.Uri.EscapeDataString(blobAuditingPolicyName));
            _url = _url.Replace("{subscriptionId}", System.Uri.EscapeDataString(Client.SubscriptionId));
            List <string> _queryParameters = new List <string>();

            if (apiVersion != null)
            {
                _queryParameters.Add(string.Format("api-version={0}", System.Uri.EscapeDataString(apiVersion)));
            }
            if (_queryParameters.Count > 0)
            {
                _url += (_url.Contains("?") ? "&" : "?") + string.Join("&", _queryParameters);
            }
            // Create HTTP transport objects
            var _httpRequest = new HttpRequestMessage();
            HttpResponseMessage _httpResponse = null;

            _httpRequest.Method     = new HttpMethod("PUT");
            _httpRequest.RequestUri = new System.Uri(_url);
            // Set Headers
            if (Client.GenerateClientRequestId != null && Client.GenerateClientRequestId.Value)
            {
                _httpRequest.Headers.TryAddWithoutValidation("x-ms-client-request-id", System.Guid.NewGuid().ToString());
            }
            if (Client.AcceptLanguage != null)
            {
                if (_httpRequest.Headers.Contains("accept-language"))
                {
                    _httpRequest.Headers.Remove("accept-language");
                }
                _httpRequest.Headers.TryAddWithoutValidation("accept-language", Client.AcceptLanguage);
            }


            if (customHeaders != null)
            {
                foreach (var _header in customHeaders)
                {
                    if (_httpRequest.Headers.Contains(_header.Key))
                    {
                        _httpRequest.Headers.Remove(_header.Key);
                    }
                    _httpRequest.Headers.TryAddWithoutValidation(_header.Key, _header.Value);
                }
            }

            // Serialize Request
            string _requestContent = null;

            if (parameters != null)
            {
                _requestContent      = Rest.Serialization.SafeJsonConvert.SerializeObject(parameters, Client.SerializationSettings);
                _httpRequest.Content = new StringContent(_requestContent, System.Text.Encoding.UTF8);
                _httpRequest.Content.Headers.ContentType = System.Net.Http.Headers.MediaTypeHeaderValue.Parse("application/json; charset=utf-8");
            }
            // Set Credentials
            if (Client.Credentials != null)
            {
                cancellationToken.ThrowIfCancellationRequested();
                await Client.Credentials.ProcessHttpRequestAsync(_httpRequest, cancellationToken).ConfigureAwait(false);
            }
            // Send Request
            if (_shouldTrace)
            {
                ServiceClientTracing.SendRequest(_invocationId, _httpRequest);
            }
            cancellationToken.ThrowIfCancellationRequested();
            _httpResponse = await Client.HttpClient.SendAsync(_httpRequest, cancellationToken).ConfigureAwait(false);

            if (_shouldTrace)
            {
                ServiceClientTracing.ReceiveResponse(_invocationId, _httpResponse);
            }
            HttpStatusCode _statusCode = _httpResponse.StatusCode;

            cancellationToken.ThrowIfCancellationRequested();
            string _responseContent = null;

            if ((int)_statusCode != 200 && (int)_statusCode != 201)
            {
                var ex = new CloudException(string.Format("Operation returned an invalid status code '{0}'", _statusCode));
                try
                {
                    _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                    CloudError _errorBody = Rest.Serialization.SafeJsonConvert.DeserializeObject <CloudError>(_responseContent, Client.DeserializationSettings);
                    if (_errorBody != null)
                    {
                        ex      = new CloudException(_errorBody.Message);
                        ex.Body = _errorBody;
                    }
                }
                catch (JsonException)
                {
                    // Ignore the exception
                }
                ex.Request  = new HttpRequestMessageWrapper(_httpRequest, _requestContent);
                ex.Response = new HttpResponseMessageWrapper(_httpResponse, _responseContent);
                if (_httpResponse.Headers.Contains("x-ms-request-id"))
                {
                    ex.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault();
                }
                if (_shouldTrace)
                {
                    ServiceClientTracing.Error(_invocationId, ex);
                }
                _httpRequest.Dispose();
                if (_httpResponse != null)
                {
                    _httpResponse.Dispose();
                }
                throw ex;
            }
            // Create Result
            var _result = new AzureOperationResponse <ExtendedDatabaseBlobAuditingPolicy>();

            _result.Request  = _httpRequest;
            _result.Response = _httpResponse;
            if (_httpResponse.Headers.Contains("x-ms-request-id"))
            {
                _result.RequestId = _httpResponse.Headers.GetValues("x-ms-request-id").FirstOrDefault();
            }
            // Deserialize Response
            if ((int)_statusCode == 200)
            {
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                try
                {
                    _result.Body = Rest.Serialization.SafeJsonConvert.DeserializeObject <ExtendedDatabaseBlobAuditingPolicy>(_responseContent, Client.DeserializationSettings);
                }
                catch (JsonException ex)
                {
                    _httpRequest.Dispose();
                    if (_httpResponse != null)
                    {
                        _httpResponse.Dispose();
                    }
                    throw new SerializationException("Unable to deserialize the response.", _responseContent, ex);
                }
            }
            // Deserialize Response
            if ((int)_statusCode == 201)
            {
                _responseContent = await _httpResponse.Content.ReadAsStringAsync().ConfigureAwait(false);

                try
                {
                    _result.Body = Rest.Serialization.SafeJsonConvert.DeserializeObject <ExtendedDatabaseBlobAuditingPolicy>(_responseContent, Client.DeserializationSettings);
                }
                catch (JsonException ex)
                {
                    _httpRequest.Dispose();
                    if (_httpResponse != null)
                    {
                        _httpResponse.Dispose();
                    }
                    throw new SerializationException("Unable to deserialize the response.", _responseContent, ex);
                }
            }
            if (_shouldTrace)
            {
                ServiceClientTracing.Exit(_invocationId, _result);
            }
            return(_result);
        }
예제 #9
0
        /// <summary>
        /// Calls the set extended blob audit APIs for the database auditing policy for the given database in the given database server in the given resource group
        /// </summary>
        public void SetExtendedDatabaseAuditingPolicy(string resourceGroupName, string serverName, string databaseName, ExtendedDatabaseBlobAuditingPolicy policy)
        {
            var operations = GetCurrentSqlClient().ExtendedDatabaseBlobAuditingPolicies;

            operations.CreateOrUpdate(resourceGroupName, serverName, databaseName, policy);
        }
예제 #10
0
 /// <summary>
 /// Gets the database extended blob auditing policy for the given database in the given database server in the given resource group
 /// </summary>
 public void GetExtendedDatabaseAuditingPolicy(string resourceGroupName, string serverName, string databaseName, out ExtendedDatabaseBlobAuditingPolicy policy)
 {
     policy = GetCurrentSqlClient().ExtendedDatabaseBlobAuditingPolicies.Get(resourceGroupName, serverName, databaseName);
 }
예제 #11
0
 /// <summary>
 /// Creates or updates an extended database's blob auditing policy.
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='resourceGroupName'>
 /// The name of the resource group that contains the resource. You can obtain
 /// this value from the Azure Resource Manager API or the portal.
 /// </param>
 /// <param name='serverName'>
 /// The name of the server.
 /// </param>
 /// <param name='databaseName'>
 /// The name of the database.
 /// </param>
 /// <param name='parameters'>
 /// The extended database blob auditing policy.
 /// </param>
 /// <param name='cancellationToken'>
 /// The cancellation token.
 /// </param>
 public static async Task <ExtendedDatabaseBlobAuditingPolicy> CreateOrUpdateAsync(this IExtendedDatabaseBlobAuditingPoliciesOperations operations, string resourceGroupName, string serverName, string databaseName, ExtendedDatabaseBlobAuditingPolicy parameters, CancellationToken cancellationToken = default(CancellationToken))
 {
     using (var _result = await operations.CreateOrUpdateWithHttpMessagesAsync(resourceGroupName, serverName, databaseName, parameters, null, cancellationToken).ConfigureAwait(false))
     {
         return(_result.Body);
     }
 }
예제 #12
0
 /// <summary>
 /// Creates or updates an extended database's blob auditing policy.
 /// </summary>
 /// <param name='operations'>
 /// The operations group for this extension method.
 /// </param>
 /// <param name='resourceGroupName'>
 /// The name of the resource group that contains the resource. You can obtain
 /// this value from the Azure Resource Manager API or the portal.
 /// </param>
 /// <param name='serverName'>
 /// The name of the server.
 /// </param>
 /// <param name='databaseName'>
 /// The name of the database.
 /// </param>
 /// <param name='parameters'>
 /// The extended database blob auditing policy.
 /// </param>
 public static ExtendedDatabaseBlobAuditingPolicy CreateOrUpdate(this IExtendedDatabaseBlobAuditingPoliciesOperations operations, string resourceGroupName, string serverName, string databaseName, ExtendedDatabaseBlobAuditingPolicy parameters)
 {
     return(operations.CreateOrUpdateAsync(resourceGroupName, serverName, databaseName, parameters).GetAwaiter().GetResult());
 }
예제 #13
0
 private void ModelizeDatabaseAuditPolicy(DatabaseBlobAuditingSettingsModel model, ExtendedDatabaseBlobAuditingPolicy policy)
 {
     model.IsGlobalAuditEnabled        = policy.State == BlobAuditingPolicyState.Enabled;
     model.IsAzureMonitorTargetEnabled = policy.IsAzureMonitorTargetEnabled;
     model.PredicateExpression         = policy.PredicateExpression;
     ModelizeAuditActionGroups(model, policy.AuditActionsAndGroups);
     ModelizeAuditActions(model, policy.AuditActionsAndGroups);
     ModelizeStorageInfo(model, policy.StorageEndpoint, policy.IsStorageSecondaryKeyInUse, policy.StorageAccountSubscriptionId);
     ModelizeRetentionInfo(model, policy.RetentionDays);
 }