private void ValidatePolicyStatesQueryResults(PolicyStatesQueryResults queryResults)
{
Assert.NotNull(queryResults);
Assert.False(string.IsNullOrEmpty(queryResults.Odatacontext));
Assert.True(queryResults.Odatacount.HasValue);
Assert.True(queryResults.Odatacount.Value >= 0);
Assert.NotNull(queryResults.Value);
foreach (var policyState in queryResults.Value)
{
Assert.NotNull(policyState);
Assert.Null(policyState.Odataid);
Assert.False(string.IsNullOrEmpty(policyState.Odatacontext));
Assert.True(policyState.Timestamp.HasValue);
Assert.False(string.IsNullOrEmpty(policyState.ResourceId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyAssignmentId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyDefinitionId));
Assert.True(policyState.IsCompliant.HasValue);
Assert.False(string.IsNullOrEmpty(policyState.SubscriptionId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyDefinitionAction));
Assert.NotNull(policyState.AdditionalProperties);
}
}
private void ValidatePolicyStatesQueryResults(PolicyStatesQueryResults queryResults, bool expandPolicyEvaluationDetails = false)
{
Assert.NotNull(queryResults);
Assert.False(string.IsNullOrEmpty(queryResults.Odatacontext));
Assert.True(queryResults.Odatacount.HasValue);
Assert.True(queryResults.Odatacount.Value >= 0);
Assert.NotNull(queryResults.Value);
foreach (var policyState in queryResults.Value)
{
Assert.NotNull(policyState);
Assert.Null(policyState.Odataid);
Assert.False(string.IsNullOrEmpty(policyState.Odatacontext));
Assert.True(policyState.Timestamp.HasValue);
Assert.False(string.IsNullOrEmpty(policyState.ResourceId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyAssignmentId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyDefinitionId));
Assert.True(policyState.IsCompliant.HasValue);
Assert.False(string.IsNullOrEmpty(policyState.SubscriptionId));
Assert.False(string.IsNullOrEmpty(policyState.PolicyDefinitionAction));
Assert.False(string.IsNullOrEmpty(policyState.ComplianceState));
Assert.NotNull(policyState.PolicyDefinitionGroupNames);
Assert.NotEmpty(policyState.PolicyDefinitionGroupNames);
if (expandPolicyEvaluationDetails && string.Equals(policyState.ComplianceState, "NonCompliant", StringComparison.OrdinalIgnoreCase))
{
Assert.NotNull(policyState.PolicyEvaluationDetails);
}
else
{
Assert.Null(policyState.PolicyEvaluationDetails);
}
Assert.NotNull(policyState.PolicyDefinitionVersion);
Assert.NotNull(policyState.PolicySetDefinitionVersion);
Assert.NotNull(policyState.PolicyAssignmentVersion);
Assert.NotNull(policyState.AdditionalProperties);
Assert.False(policyState.AdditionalProperties.ContainsKey("policyDefinitionVersion"));
Assert.False(policyState.AdditionalProperties.ContainsKey("policySetDefinitionVersion"));
Assert.False(policyState.AdditionalProperties.ContainsKey("policyAssignmentVersion"));
}
}
// Get guest configuration policy statuses by initiative definition name
protected IEnumerable <PolicyStatusDetailed> GetPolicyStatusesDetailedByInitiativeName(string resourceGroupName,
string vmName,
string initiativeName,
IEnumerable <GuestConfigurationAssignment> gcrpAssignments)
{
var gcPolicyAssignments = GetPolicyStatuses(resourceGroupName, vmName, gcrpAssignments, initiativeName);
var gcPolicyAssignmentReportList = new List <PolicyStatusDetailed>();
if (gcPolicyAssignments.Count() > 0)
{
var gcPolicyAssignmentsArray = gcPolicyAssignments.ToArray();
// Sort assignments by policy display name
Array.Sort(gcPolicyAssignmentsArray, (first, second) =>
{
return(string.Compare(first.PolicyDisplayName, second.PolicyDisplayName, true));
});
foreach (var gcPolicyAssignment in gcPolicyAssignmentsArray)
{
var reportGuid = CommonHelpers.GetReportGUIDFromID(gcPolicyAssignment.LatestReportId);
GuestConfigurationAssignmentReport gcrpReport = null;
if (gcPolicyAssignment.LatestReportId != null)
{
gcrpReport = GuestConfigurationClient.GuestConfigurationAssignmentReports.Get(resourceGroupName, gcPolicyAssignment.Configuration.Name, reportGuid, vmName);
}
PolicyStatusDetailed policyDetailed = new PolicyStatusDetailed(gcrpReport, gcPolicyAssignment);
QueryOptions queryOptions = new QueryOptions();
queryOptions.Filter = string.Format("resourceGroup eq '{0}' and policyDefinitionAction eq 'deployifnotexists' and contains(ResourceId,'{1}')", resourceGroupName, vmName);
queryOptions.OrderBy = "Timestamp desc";
queryOptions.Top = 1;
PolicyStatesQueryResults policyDbResults = PolicyInsightsClient.PolicyStates.ListQueryResultsForPolicySetDefinition("latest", DefaultContext.Subscription.Id, gcPolicyAssignment.PolicySetDefinitionName, queryOptions);
if (policyDbResults.Odatacount > 0 && policyDbResults.Value[0].IsCompliant.HasValue && !policyDbResults.Value[0].IsCompliant.Value)
{
policyDetailed.ComplianceStatus = "NonCompliant";
}
gcPolicyAssignmentReportList.Add(policyDetailed);
}
}
return(gcPolicyAssignmentReportList);
}
// Get guest configuration policy statuses by initiative definition name
protected IEnumerable <PolicyStatusDetailed> GetPolicyStatusesDetailedByInitiativeName(string resourceGroupName,
string vmName,
string initiativeName,
IEnumerable <GuestConfigurationAssignment> gcrpAssignments)
{
var gcPolicyAssignments = GetPolicyStatuses(resourceGroupName, vmName, gcrpAssignments, initiativeName);
var gcPolicyAssignmentReportList = new List <PolicyStatusDetailed>();
if (gcPolicyAssignments.Count() > 0)
{
var gcPolicyAssignmentsArray = gcPolicyAssignments.ToArray();
// Sort assignments by policy display name
Array.Sort(gcPolicyAssignmentsArray, (first, second) =>
{
return(string.Compare(first.PolicyDisplayName, second.PolicyDisplayName, true));
});
foreach (var gcPolicyAssignment in gcPolicyAssignmentsArray)
{
var reportGuid = CommonHelpers.GetReportGUIDFromID(gcPolicyAssignment.LatestReportId);
GuestConfigurationAssignmentReport gcrpVMReport = null;
GuestConfigurationAssignmentReport gcrpHCReport = null;
GuestConfigurationAssignmentReport gcrpReport = null;
if (gcPolicyAssignment.LatestReportId != null)
{
//check Azure VM
try
{
gcrpVMReport = GuestConfigurationClient.GuestConfigurationAssignmentReports.Get(resourceGroupName, gcPolicyAssignment.Configuration.Name, reportGuid, vmName);
}
catch (GuestConfigurationErrorResponseException exception) when(HttpStatusCode.NotFound.Equals(exception.Response.StatusCode))
{
this.WriteVerbose(string.Format(StringResources.NotFoundByReportId, reportGuid));
}
//check HybridCompute machine
try
{
gcrpHCReport = GuestConfigurationClient.GuestConfigurationHCRPAssignmentReports.Get(resourceGroupName, gcPolicyAssignment.Configuration.Name, reportGuid, vmName);
}
catch (GuestConfigurationErrorResponseException exception) when(HttpStatusCode.NotFound.Equals(exception.Response.StatusCode))
{
this.WriteVerbose(string.Format(StringResources.NotFoundByReportId, reportGuid));
}
gcrpReport = gcrpVMReport != null ? gcrpVMReport : gcrpHCReport;
}
PolicyStatusDetailed policyDetailed = new PolicyStatusDetailed(gcrpReport, gcPolicyAssignment);
QueryOptions queryOptions = new QueryOptions();
queryOptions.Filter = string.Format("PolicySetDefinitionName eq '{0}' and contains(ResourceId,'{1}')", gcPolicyAssignment.PolicySetDefinitionName, vmName);
queryOptions.OrderBy = "Timestamp desc";
queryOptions.Top = 1;
PolicyStatesQueryResults policyDbResults = PolicyInsightsClient.PolicyStates.ListQueryResultsForResourceGroup("latest", DefaultContext.Subscription.Id, resourceGroupName, queryOptions);
if (policyDbResults.Odatacount > 0 && policyDbResults.Value[0].IsCompliant.HasValue && !policyDbResults.Value[0].IsCompliant.Value)
{
policyDetailed.ComplianceStatus = "NonCompliant";
}
gcPolicyAssignmentReportList.Add(policyDetailed);
}
}
return(gcPolicyAssignmentReportList);
}
