/// <summary>
/// Initializes a new instance of the <see cref="PSRemediation" /> class.
/// </summary>
/// <param name="remediation">The raw remediation model.</param>
/// <param name="deployments">The remediation deployments.</param>
public PSRemediation(Remediation remediation, IEnumerable <RemediationDeployment> deployments = null)
{
if (remediation == null)
{
return;
}
this.Id = remediation.Id;
this.Type = remediation.Type;
this.Name = remediation.Name;
this.PolicyAssignmentId = remediation.PolicyAssignmentId;
this.PolicyDefinitionReferenceId = remediation.PolicyDefinitionReferenceId;
this.CreatedOn = remediation.CreatedOn;
this.LastUpdatedOn = remediation.LastUpdatedOn;
this.ProvisioningState = remediation.ProvisioningState;
this.Filters = remediation.Filters != null ? new PSRemediationFilter(remediation.Filters) : null;
this.DeploymentSummary = remediation.DeploymentStatus != null ? new PSRemediationDeploymentSummary(remediation.DeploymentStatus) : null;
this.ResourceDiscoveryMode = remediation.ResourceDiscoveryMode;
this.ResourceCount = remediation.ResourceCount;
this.ParallelDeployments = remediation.ParallelDeployments;
this.FailureThreshold = remediation.FailureThreshold?.Percentage;
this.CorrelationId = remediation.CorrelationId;
this.StatusMessage = remediation.StatusMessage;
if (deployments != null)
{
this.Deployments = deployments.Select(d => new PSRemediationDeployment(d)).ToArray();
}
}
/// <summary>
/// Validates a remediation matches what is expected.
/// </summary>
/// <param name="expected">The expected remediation</param>
/// <param name="actual">The actual remediation</param>
/// <param name="remediationName">The expected remediation name</param>
private void ValidateRemediation(Remediation expected, Remediation actual, string remediationName)
{
Assert.NotNull(actual);
Assert.Equal(expected.PolicyAssignmentId, actual.PolicyAssignmentId, StringComparer.OrdinalIgnoreCase);
Assert.Equal(expected.PolicyDefinitionReferenceId, actual.PolicyDefinitionReferenceId, StringComparer.OrdinalIgnoreCase);
Assert.Equal(remediationName, actual.Name, StringComparer.OrdinalIgnoreCase);
Assert.NotNull(actual.Id);
Assert.Equal("Microsoft.PolicyInsights/remediations", actual.Type, StringComparer.OrdinalIgnoreCase);
Assert.NotNull(actual.CreatedOn);
Assert.NotNull(actual.LastUpdatedOn);
Assert.NotNull(actual.SystemData);
Assert.NotNull(actual.SystemData.CreatedBy);
Assert.NotNull(actual.SystemData.CreatedAt);
Assert.NotNull(actual.CorrelationId);
Assert.Equal(expected.ResourceCount, actual.ResourceCount);
Assert.Equal(expected.ParallelDeployments, actual.ParallelDeployments);
if (expected.FailureThreshold?.Percentage != null)
{
Assert.Equal(expected.FailureThreshold.Percentage, actual.FailureThreshold?.Percentage);
}
else
{
Assert.Null(actual.FailureThreshold?.Percentage);
}
Assert.Equal(expected.Filters?.Locations?.Count, actual.Filters?.Locations?.Count);
foreach (var location in expected.Filters?.Locations ?? Enumerable.Empty <string>())
{
Assert.Contains(location, actual.Filters.Locations, StringComparer.OrdinalIgnoreCase);
}
}
public static void Remediation(string root)
{
Log.Information("Entered in Remediation Block");
string GlobalCsprojpath = string.Empty;
var extensions1 = new List <string> {
".csproj"
};
string[] files2 = Directory.GetFiles(root, "*.*", SearchOption.AllDirectories)
.Where(f => extensions1.IndexOf(Path.GetExtension(f)) >= 0).ToArray();
//string pth = files2[0].Substring(0, files2[0].LastIndexOf("\\"));
foreach (var folder in Directory.GetDirectories(files2[0].Substring(0, files2[0].LastIndexOf("\\"))))
{
DirectoryInfo dir = new DirectoryInfo(folder);
// var results = Array.FindAll(folders, s => s.Equals(dir.Name.ToLower()));
if (dir.Name != ".vs" && dir.Name != "bin" && dir.Name != "obj" && dir.Name != "Views" && dir.Name != ".svn")
{
var extensions = new List <string> {
".cs"
};
string[] files1 = Directory.GetFiles(folder, "*.*", SearchOption.AllDirectories)
.Where(f => extensions.IndexOf(Path.GetExtension(f)) >= 0).ToArray();
foreach (var file in files1)
{
Remediation remediation = new Remediation();
var properties = remediation.GetType().GetFields();
List <string> lstremediation = remediation.ReadClassFileForChecking(file, file);
}
}
}
Log.Information("Leaving Remediation Block");
}
/// <summary>
/// Executes the cmdlet to create a remediation resource
/// </summary>
public override void ExecuteCmdlet()
{
if (!string.IsNullOrEmpty(this.Name) && new[] { this.Scope, this.ManagementGroupName, this.ResourceGroupName }.Count(s => s != null) > 1)
{
throw new PSArgumentException(Resources.Error_TooManyScopes);
}
var rootScope = this.GetRootScope(scope: this.Scope, resourceId: this.ResourceId, managementGroupId: this.ManagementGroupName, resourceGroupName: this.ResourceGroupName);
var remediationName = this.GetRemediationName(name: this.Name, resourceId: this.ResourceId);
var remediation = new Remediation(policyAssignmentId: this.PolicyAssignmentId, policyDefinitionReferenceId: this.PolicyDefinitionReferenceId);
if (this.LocationFilter != null)
{
remediation.Filters = new RemediationFilters(this.LocationFilter);
}
if (this.ShouldProcess(target: remediationName, action: string.Format(CultureInfo.InvariantCulture, Resources.CreatingRemediation, rootScope, remediationName)))
{
var result = this.PolicyInsightsClient.Remediations.CreateOrUpdateAtResource(resourceId: rootScope, remediationName: remediationName, parameters: remediation);
if (this.AsJob.IsPresent)
{
result = this.WaitForTerminalState(result);
}
WriteObject(new PSRemediation(result));
}
}
public void Remediations_ManagementGroupCrud()
{
using (var context = MockContext.Start(this.GetType()))
{
var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>();
// Create a single policy remediation
var remediationName = "3a014f44-0aed-4a55-ac50-8a4cb2016db2";
var remediationParams = new Remediation {
PolicyAssignmentId = ManagementGroupPolicyAssignmentId
};
var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName, parameters: remediationParams);
Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState);
Assert.Equal(1, createdRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName);
var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName));
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName);
// List deployments for the remediation
var deployments = policyInsightsClient.Remediations.ListDeploymentsAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName);
Assert.Single(deployments);
var deployment = deployments.First();
this.ValidateDeployment(deployment);
Assert.Contains("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7", deployment.DeploymentId, StringComparison.OrdinalIgnoreCase);
Assert.Equal("eastus", deployment.ResourceLocation);
Assert.Contains("Microsoft.SQL/servers", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase);
// Cancel the completed remediation, should fail
try
{
policyInsightsClient.Remediations.CancelAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName);
Assert.True(false, "Cancelling a completed remediation should have thrown an error");
}
catch (ErrorResponseException ex)
{
Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code);
Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase);
}
// Delete the remediation
var deletedRemediation = policyInsightsClient.Remediations.DeleteAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName);
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName);
}
}
public void Remediations_IndividualResourceCrud()
{
using (var context = MockContext.Start(this.GetType()))
{
var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>();
// Create a single policy remediation
var remediationName = "5f39e0f3-3945-4587-8a24-c1161dc10ef4";
var remediationParams = new Remediation {
PolicyAssignmentId = PolicyAssignmentId
};
var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtResource(resourceId: IndividualResourceId, remediationName: remediationName, parameters: remediationParams);
Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState);
Assert.Equal(1, createdRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName);
var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtResource(resourceId: IndividualResourceId, remediationName: remediationName));
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName);
// List deployments for the remediation
var deployments = policyInsightsClient.Remediations.ListDeploymentsAtResource(resourceId: IndividualResourceId, remediationName: remediationName);
Assert.Single(deployments);
var deployment = deployments.First();
this.ValidateDeployment(deployment);
Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase);
Assert.Equal("westcentralus", deployment.ResourceLocation);
Assert.Contains("Microsoft.SQL/servers", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase);
// Cancel the completed remediation, should fail
try
{
policyInsightsClient.Remediations.CancelAtResource(resourceId: IndividualResourceId, remediationName: remediationName);
Assert.True(false, "Cancelling a completed remediation should have thrown an error");
}
catch (ErrorResponseException ex)
{
Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code);
Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase);
}
// Delete the remediation
var deletedRemediation = policyInsightsClient.Remediations.DeleteAtResource(resourceId: IndividualResourceId, remediationName: remediationName);
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName);
}
}
public void Remediations_ReEvaluateCompliance()
{
using (var context = MockContext.Start(this.GetType()))
{
var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>();
// Create a single policy remediation
var remediationName = "79535898-0a82-4cbc-bd17-ea08f3cd2ea0";
var remediationParams = new Remediation {
PolicyAssignmentId = PolicyAssignmentId, Filters = new RemediationFilters(new[] { "westeurope" }), ResourceDiscoveryMode = ResourceDiscoveryMode.ReEvaluateCompliance
};
var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName, parameters: remediationParams);
Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState);
Assert.Equal(0, createdRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName);
var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName));
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName);
// List deployments for the remediation
var deployments = policyInsightsClient.Remediations.ListDeploymentsAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName);
Assert.Single(deployments);
var deployment = deployments.First();
this.ValidateDeployment(deployment);
Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase);
Assert.Equal("westeurope", deployment.ResourceLocation);
Assert.Contains("Microsoft.KeyVault/vaults", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase);
// Cancel the completed remediation, should fail
try
{
policyInsightsClient.Remediations.CancelAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName);
Assert.True(false, "Cancelling a completed remediation should have thrown an error");
}
catch (ErrorResponseException ex)
{
Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code);
Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase);
}
// Delete the remediation
var deletedRemediation = policyInsightsClient.Remediations.DeleteAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName);
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName);
}
}
public static PSSqlVulnerabilityAssessmentRemediation ConvertToPSType(this Remediation value)
{
return(new PSSqlVulnerabilityAssessmentRemediation()
{
Automated = value.Automated ?? false,
Description = value.Description,
PortalLink = value.PortalLink,
Scripts = value.Scripts.ToArray()
});
}
/// <summary>
/// Validates a remediation matches what is expected.
/// </summary>
/// <param name="expected">The expected remediation</param>
/// <param name="actual">The actual remediation</param>
/// <param name="remediationName">The expected remediation name</param>
private void ValidateRemediation(Remediation expected, Remediation actual, string remediationName)
{
Assert.NotNull(actual);
Assert.Equal(expected.PolicyAssignmentId, actual.PolicyAssignmentId, StringComparer.OrdinalIgnoreCase);
Assert.Equal(expected.PolicyDefinitionReferenceId, actual.PolicyDefinitionReferenceId, StringComparer.OrdinalIgnoreCase);
Assert.Equal(remediationName, actual.Name, StringComparer.OrdinalIgnoreCase);
Assert.NotNull(actual.Id);
Assert.Equal("Microsoft.PolicyInsights/remediations", actual.Type, StringComparer.OrdinalIgnoreCase);
Assert.NotNull(actual.CreatedOn);
Assert.NotNull(actual.LastUpdatedOn);
Assert.Equal(expected.Filters?.Locations?.Count, actual.Filters?.Locations?.Count);
foreach (var location in expected.Filters?.Locations ?? Enumerable.Empty <string>())
{
Assert.Contains(location, actual.Filters.Locations, StringComparer.OrdinalIgnoreCase);
}
}
/// <summary>
/// Waits for the remediation to transition to a terminal state.
/// </summary>
/// <param name="remediation">The remediation to wait on.</param>
/// <returns>The final terminal remediation object</returns>
protected Remediation WaitForTerminalState(Remediation remediation)
{
var rootScope = this.GetRootScope(resourceId: remediation.Id);
var remediationName = remediation.Name;
while (!this.CancellationToken.IsCancellationRequested && !this.IsComplete(remediation))
{
var progress = new ProgressRecord(0, string.Format(CultureInfo.InvariantCulture, Resources.WaitingForRemediationCompletion, rootScope, remediationName), remediation.ProvisioningState)
{
PercentComplete = remediation.DeploymentStatus.TotalDeployments > 0
? ((remediation.DeploymentStatus.FailedDeployments.GetValueOrDefault(0) + remediation.DeploymentStatus.SuccessfulDeployments.GetValueOrDefault(0)) / remediation.DeploymentStatus.TotalDeployments.Value) * 100
: 0
};
this.WriteProgress(progress);
TestMockSupport.Delay(RemediationCmdletBase.StatePollingInterval);
remediation = this.PolicyInsightsClient.Remediations.GetAtResource(resourceId: rootScope, remediationName: remediationName);
}
return(remediation);
}
/// <summary>
/// Initializes a new instance of the <see cref="PSRemediation" /> class.
/// </summary>
/// <param name="remediation">The raw remediation model.</param>
/// <param name="deployments">The remediation deployments.</param>
public PSRemediation(Remediation remediation, IEnumerable <RemediationDeployment> deployments = null)
{
if (remediation == null)
{
return;
}
this.Id = remediation.Id;
this.Type = remediation.Type;
this.Name = remediation.Name;
this.PolicyAssignmentId = remediation.PolicyAssignmentId;
this.PolicyDefinitionReferenceId = remediation.PolicyDefinitionReferenceId;
this.CreatedOn = remediation.CreatedOn;
this.LastUpdatedOn = remediation.LastUpdatedOn;
this.ProvisioningState = remediation.ProvisioningState;
this.Filters = remediation.Filters != null ? new PSRemediationFilter(remediation.Filters) : null;
this.DeploymentSummary = remediation.DeploymentStatus != null ? new PSRemediationDeploymentSummary(remediation.DeploymentStatus) : null;
if (deployments != null)
{
this.Deployments = deployments.Select(d => new PSRemediationDeployment(d)).ToArray();
}
}
/// <summary>
/// Checks whether a remediation is complete.
/// </summary>
/// <param name="remediation">The remediation to check.</param>
/// <returns>True if the remediation is complete.</returns>
protected bool IsComplete(Remediation remediation)
{
return(RemediationCmdletBase.TerminalStates.Contains(remediation.ProvisioningState));
}
public static void ParceCVEJson()
{
if (CVEHolder == null)
{
CVEHolder = new SortedDictionary <string, List <string> >();
}
if (garbage == null)
{
garbage = new List <string>();
}
DirectoryInfo d = new DirectoryInfo(@"C:\Users\patilp\OneDrive - HP Inc\Desktop\Windows UpdaTE poc\XML Files");
FileInfo[] Files = d.GetFiles("*.json");
foreach (FileInfo file in Files)
{
Console.WriteLine("Parcing File : " + file);
try
{
JObject JsonFile = JObject.Parse(File.ReadAllText(file.FullName.ToString()));
List <JToken> VulnerabilityList = JsonFile.SelectToken("Vulnerability").ToList();
foreach (var Vulnerability in VulnerabilityList)
{
Dictionary <string, string> ProductVsSeverity = new Dictionary <string, string>();
List <JToken> ThreatList = Vulnerability.SelectToken("Threats").ToList();
foreach (var threat in ThreatList)
{
JToken ProdToken = threat.SelectToken("ProductID");
if (ProdToken == null)
{
continue;
}
List <JToken> JtokenproductID = ProdToken.ToList();
foreach (var item in JtokenproductID)
{
string productID = item.ToObject <string>();
var value = threat.SelectToken("Description.Value");
if (value == null)
{
continue;
}
string Severity = threat.SelectToken("Description.Value").ToObject <string>();
if (Severity == "Important" || Severity == "Critical")
{
if (ProductVsSeverity.ContainsKey(productID))
{
ProductVsSeverity[productID] = ProductVsSeverity[productID] + " " + Severity;
}
else
{
ProductVsSeverity.Add(productID, Severity);
}
}
}
}
string CVE_ID = Vulnerability.SelectToken("CVE").ToObject <string>();
List <JToken> RemediationsList = Vulnerability.SelectToken("Remediations").ToList();
foreach (var Remediation in RemediationsList)
{
String KBCode = "Not Found";
string KBSeverity = "";
var ProductToken = Remediation.SelectToken("ProductID");
if (ProductToken == null)
{
continue;
}
List <JToken> ProductList = Remediation.SelectToken("ProductID").ToList();
foreach (var item in ProductList)
{
if (ProductVsSeverity.ContainsKey(item.ToString()))
{
KBSeverity = KBSeverity + " " + ProductVsSeverity[item.ToString()];
}
}
JToken KBCodeToken = Remediation.SelectToken("Description.Value");
if (KBCodeToken != null)
{
KBCode = KBCodeToken.ToObject <string>();
}
if (!CVEHolder.ContainsKey(KBCode) && KBCode.Length < 10)
{
List <string> CVEList = new List <string>();
CVEHolder.Add(KBCode, CVEList);
}
else if (KBCode.Length >= 10)
{
garbage.Add(KBCode);
continue;
}
/*if (!CVEHolder[KBCode].Contains(CVE_ID))
* CVEHolder[KBCode].Add(CVE_ID);*/
if (!CVEHolder[KBCode].Contains(KBSeverity))
{
CVEHolder[KBCode].Add(KBSeverity);
}
}
}
}
catch (Exception ex)
{
Console.WriteLine("Exception Occured While Parcing File " + file + ":" + ex.Message);
}
}
}
public void Remediations_SubscriptionCrud()
{
using (var context = MockContext.Start(this.GetType()))
{
var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>();
// Create a single policy remediation
var remediationName = "b49b6437-706d-4208-8508-65d87a9b2e37";
var remediationParams = new Remediation
{
PolicyAssignmentId = PolicyAssignmentId,
Filters = new RemediationFilters(new[] { "eastus" }),
ParallelDeployments = 1,
ResourceCount = 1,
FailureThreshold = new RemediationPropertiesFailureThreshold {
Percentage = 0.42
}
};
var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName, parameters: remediationParams);
Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState);
Assert.Equal(0, createdRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName);
var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName));
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName);
// List deployments for the remediation
var deployments = policyInsightsClient.Remediations.ListDeploymentsAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName);
Assert.Single(deployments);
var deployment = deployments.First();
this.ValidateDeployment(deployment);
Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase);
Assert.Equal("eastus", deployment.ResourceLocation);
Assert.Contains("Microsoft.KeyVault/vaults", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase);
// Cancel the completed remediation, should fail
try
{
policyInsightsClient.Remediations.CancelAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName);
Assert.True(false, "Cancelling a completed remediation should have thrown an error");
}
catch (ErrorResponseException ex)
{
Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code);
Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase);
}
// Delete the remediation
var deletedRemediation = policyInsightsClient.Remediations.DeleteAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName);
Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState);
Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments);
Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments);
Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments);
this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName);
}
}
