/// <summary> /// Initializes a new instance of the <see cref="PSRemediation" /> class. /// </summary> /// <param name="remediation">The raw remediation model.</param> /// <param name="deployments">The remediation deployments.</param> public PSRemediation(Remediation remediation, IEnumerable <RemediationDeployment> deployments = null) { if (remediation == null) { return; } this.Id = remediation.Id; this.Type = remediation.Type; this.Name = remediation.Name; this.PolicyAssignmentId = remediation.PolicyAssignmentId; this.PolicyDefinitionReferenceId = remediation.PolicyDefinitionReferenceId; this.CreatedOn = remediation.CreatedOn; this.LastUpdatedOn = remediation.LastUpdatedOn; this.ProvisioningState = remediation.ProvisioningState; this.Filters = remediation.Filters != null ? new PSRemediationFilter(remediation.Filters) : null; this.DeploymentSummary = remediation.DeploymentStatus != null ? new PSRemediationDeploymentSummary(remediation.DeploymentStatus) : null; this.ResourceDiscoveryMode = remediation.ResourceDiscoveryMode; this.ResourceCount = remediation.ResourceCount; this.ParallelDeployments = remediation.ParallelDeployments; this.FailureThreshold = remediation.FailureThreshold?.Percentage; this.CorrelationId = remediation.CorrelationId; this.StatusMessage = remediation.StatusMessage; if (deployments != null) { this.Deployments = deployments.Select(d => new PSRemediationDeployment(d)).ToArray(); } }
/// <summary> /// Validates a remediation matches what is expected. /// </summary> /// <param name="expected">The expected remediation</param> /// <param name="actual">The actual remediation</param> /// <param name="remediationName">The expected remediation name</param> private void ValidateRemediation(Remediation expected, Remediation actual, string remediationName) { Assert.NotNull(actual); Assert.Equal(expected.PolicyAssignmentId, actual.PolicyAssignmentId, StringComparer.OrdinalIgnoreCase); Assert.Equal(expected.PolicyDefinitionReferenceId, actual.PolicyDefinitionReferenceId, StringComparer.OrdinalIgnoreCase); Assert.Equal(remediationName, actual.Name, StringComparer.OrdinalIgnoreCase); Assert.NotNull(actual.Id); Assert.Equal("Microsoft.PolicyInsights/remediations", actual.Type, StringComparer.OrdinalIgnoreCase); Assert.NotNull(actual.CreatedOn); Assert.NotNull(actual.LastUpdatedOn); Assert.NotNull(actual.SystemData); Assert.NotNull(actual.SystemData.CreatedBy); Assert.NotNull(actual.SystemData.CreatedAt); Assert.NotNull(actual.CorrelationId); Assert.Equal(expected.ResourceCount, actual.ResourceCount); Assert.Equal(expected.ParallelDeployments, actual.ParallelDeployments); if (expected.FailureThreshold?.Percentage != null) { Assert.Equal(expected.FailureThreshold.Percentage, actual.FailureThreshold?.Percentage); } else { Assert.Null(actual.FailureThreshold?.Percentage); } Assert.Equal(expected.Filters?.Locations?.Count, actual.Filters?.Locations?.Count); foreach (var location in expected.Filters?.Locations ?? Enumerable.Empty <string>()) { Assert.Contains(location, actual.Filters.Locations, StringComparer.OrdinalIgnoreCase); } }
public static void Remediation(string root) { Log.Information("Entered in Remediation Block"); string GlobalCsprojpath = string.Empty; var extensions1 = new List <string> { ".csproj" }; string[] files2 = Directory.GetFiles(root, "*.*", SearchOption.AllDirectories) .Where(f => extensions1.IndexOf(Path.GetExtension(f)) >= 0).ToArray(); //string pth = files2[0].Substring(0, files2[0].LastIndexOf("\\")); foreach (var folder in Directory.GetDirectories(files2[0].Substring(0, files2[0].LastIndexOf("\\")))) { DirectoryInfo dir = new DirectoryInfo(folder); // var results = Array.FindAll(folders, s => s.Equals(dir.Name.ToLower())); if (dir.Name != ".vs" && dir.Name != "bin" && dir.Name != "obj" && dir.Name != "Views" && dir.Name != ".svn") { var extensions = new List <string> { ".cs" }; string[] files1 = Directory.GetFiles(folder, "*.*", SearchOption.AllDirectories) .Where(f => extensions.IndexOf(Path.GetExtension(f)) >= 0).ToArray(); foreach (var file in files1) { Remediation remediation = new Remediation(); var properties = remediation.GetType().GetFields(); List <string> lstremediation = remediation.ReadClassFileForChecking(file, file); } } } Log.Information("Leaving Remediation Block"); }
/// <summary> /// Executes the cmdlet to create a remediation resource /// </summary> public override void ExecuteCmdlet() { if (!string.IsNullOrEmpty(this.Name) && new[] { this.Scope, this.ManagementGroupName, this.ResourceGroupName }.Count(s => s != null) > 1) { throw new PSArgumentException(Resources.Error_TooManyScopes); } var rootScope = this.GetRootScope(scope: this.Scope, resourceId: this.ResourceId, managementGroupId: this.ManagementGroupName, resourceGroupName: this.ResourceGroupName); var remediationName = this.GetRemediationName(name: this.Name, resourceId: this.ResourceId); var remediation = new Remediation(policyAssignmentId: this.PolicyAssignmentId, policyDefinitionReferenceId: this.PolicyDefinitionReferenceId); if (this.LocationFilter != null) { remediation.Filters = new RemediationFilters(this.LocationFilter); } if (this.ShouldProcess(target: remediationName, action: string.Format(CultureInfo.InvariantCulture, Resources.CreatingRemediation, rootScope, remediationName))) { var result = this.PolicyInsightsClient.Remediations.CreateOrUpdateAtResource(resourceId: rootScope, remediationName: remediationName, parameters: remediation); if (this.AsJob.IsPresent) { result = this.WaitForTerminalState(result); } WriteObject(new PSRemediation(result)); } }
public void Remediations_ManagementGroupCrud() { using (var context = MockContext.Start(this.GetType())) { var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>(); // Create a single policy remediation var remediationName = "3a014f44-0aed-4a55-ac50-8a4cb2016db2"; var remediationParams = new Remediation { PolicyAssignmentId = ManagementGroupPolicyAssignmentId }; var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName, parameters: remediationParams); Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState); Assert.Equal(1, createdRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName); var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName)); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName); // List deployments for the remediation var deployments = policyInsightsClient.Remediations.ListDeploymentsAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName); Assert.Single(deployments); var deployment = deployments.First(); this.ValidateDeployment(deployment); Assert.Contains("/subscriptions/e78961ba-36fe-4739-9212-e3031b4c8db7", deployment.DeploymentId, StringComparison.OrdinalIgnoreCase); Assert.Equal("eastus", deployment.ResourceLocation); Assert.Contains("Microsoft.SQL/servers", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase); // Cancel the completed remediation, should fail try { policyInsightsClient.Remediations.CancelAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName); Assert.True(false, "Cancelling a completed remediation should have thrown an error"); } catch (ErrorResponseException ex) { Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code); Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase); } // Delete the remediation var deletedRemediation = policyInsightsClient.Remediations.DeleteAtManagementGroup(managementGroupId: ManagementGroupName, remediationName: remediationName); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName); } }
public void Remediations_IndividualResourceCrud() { using (var context = MockContext.Start(this.GetType())) { var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>(); // Create a single policy remediation var remediationName = "5f39e0f3-3945-4587-8a24-c1161dc10ef4"; var remediationParams = new Remediation { PolicyAssignmentId = PolicyAssignmentId }; var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtResource(resourceId: IndividualResourceId, remediationName: remediationName, parameters: remediationParams); Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState); Assert.Equal(1, createdRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName); var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtResource(resourceId: IndividualResourceId, remediationName: remediationName)); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName); // List deployments for the remediation var deployments = policyInsightsClient.Remediations.ListDeploymentsAtResource(resourceId: IndividualResourceId, remediationName: remediationName); Assert.Single(deployments); var deployment = deployments.First(); this.ValidateDeployment(deployment); Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase); Assert.Equal("westcentralus", deployment.ResourceLocation); Assert.Contains("Microsoft.SQL/servers", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase); // Cancel the completed remediation, should fail try { policyInsightsClient.Remediations.CancelAtResource(resourceId: IndividualResourceId, remediationName: remediationName); Assert.True(false, "Cancelling a completed remediation should have thrown an error"); } catch (ErrorResponseException ex) { Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code); Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase); } // Delete the remediation var deletedRemediation = policyInsightsClient.Remediations.DeleteAtResource(resourceId: IndividualResourceId, remediationName: remediationName); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName); } }
public void Remediations_ReEvaluateCompliance() { using (var context = MockContext.Start(this.GetType())) { var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>(); // Create a single policy remediation var remediationName = "79535898-0a82-4cbc-bd17-ea08f3cd2ea0"; var remediationParams = new Remediation { PolicyAssignmentId = PolicyAssignmentId, Filters = new RemediationFilters(new[] { "westeurope" }), ResourceDiscoveryMode = ResourceDiscoveryMode.ReEvaluateCompliance }; var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName, parameters: remediationParams); Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState); Assert.Equal(0, createdRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName); var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName)); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName); // List deployments for the remediation var deployments = policyInsightsClient.Remediations.ListDeploymentsAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName); Assert.Single(deployments); var deployment = deployments.First(); this.ValidateDeployment(deployment); Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase); Assert.Equal("westeurope", deployment.ResourceLocation); Assert.Contains("Microsoft.KeyVault/vaults", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase); // Cancel the completed remediation, should fail try { policyInsightsClient.Remediations.CancelAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName); Assert.True(false, "Cancelling a completed remediation should have thrown an error"); } catch (ErrorResponseException ex) { Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code); Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase); } // Delete the remediation var deletedRemediation = policyInsightsClient.Remediations.DeleteAtResourceGroup(subscriptionId: SubscriptionId, resourceGroupName: ResourceGroupName, remediationName: remediationName); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName); } }
public static PSSqlVulnerabilityAssessmentRemediation ConvertToPSType(this Remediation value) { return(new PSSqlVulnerabilityAssessmentRemediation() { Automated = value.Automated ?? false, Description = value.Description, PortalLink = value.PortalLink, Scripts = value.Scripts.ToArray() }); }
/// <summary> /// Validates a remediation matches what is expected. /// </summary> /// <param name="expected">The expected remediation</param> /// <param name="actual">The actual remediation</param> /// <param name="remediationName">The expected remediation name</param> private void ValidateRemediation(Remediation expected, Remediation actual, string remediationName) { Assert.NotNull(actual); Assert.Equal(expected.PolicyAssignmentId, actual.PolicyAssignmentId, StringComparer.OrdinalIgnoreCase); Assert.Equal(expected.PolicyDefinitionReferenceId, actual.PolicyDefinitionReferenceId, StringComparer.OrdinalIgnoreCase); Assert.Equal(remediationName, actual.Name, StringComparer.OrdinalIgnoreCase); Assert.NotNull(actual.Id); Assert.Equal("Microsoft.PolicyInsights/remediations", actual.Type, StringComparer.OrdinalIgnoreCase); Assert.NotNull(actual.CreatedOn); Assert.NotNull(actual.LastUpdatedOn); Assert.Equal(expected.Filters?.Locations?.Count, actual.Filters?.Locations?.Count); foreach (var location in expected.Filters?.Locations ?? Enumerable.Empty <string>()) { Assert.Contains(location, actual.Filters.Locations, StringComparer.OrdinalIgnoreCase); } }
/// <summary> /// Waits for the remediation to transition to a terminal state. /// </summary> /// <param name="remediation">The remediation to wait on.</param> /// <returns>The final terminal remediation object</returns> protected Remediation WaitForTerminalState(Remediation remediation) { var rootScope = this.GetRootScope(resourceId: remediation.Id); var remediationName = remediation.Name; while (!this.CancellationToken.IsCancellationRequested && !this.IsComplete(remediation)) { var progress = new ProgressRecord(0, string.Format(CultureInfo.InvariantCulture, Resources.WaitingForRemediationCompletion, rootScope, remediationName), remediation.ProvisioningState) { PercentComplete = remediation.DeploymentStatus.TotalDeployments > 0 ? ((remediation.DeploymentStatus.FailedDeployments.GetValueOrDefault(0) + remediation.DeploymentStatus.SuccessfulDeployments.GetValueOrDefault(0)) / remediation.DeploymentStatus.TotalDeployments.Value) * 100 : 0 }; this.WriteProgress(progress); TestMockSupport.Delay(RemediationCmdletBase.StatePollingInterval); remediation = this.PolicyInsightsClient.Remediations.GetAtResource(resourceId: rootScope, remediationName: remediationName); } return(remediation); }
/// <summary> /// Initializes a new instance of the <see cref="PSRemediation" /> class. /// </summary> /// <param name="remediation">The raw remediation model.</param> /// <param name="deployments">The remediation deployments.</param> public PSRemediation(Remediation remediation, IEnumerable <RemediationDeployment> deployments = null) { if (remediation == null) { return; } this.Id = remediation.Id; this.Type = remediation.Type; this.Name = remediation.Name; this.PolicyAssignmentId = remediation.PolicyAssignmentId; this.PolicyDefinitionReferenceId = remediation.PolicyDefinitionReferenceId; this.CreatedOn = remediation.CreatedOn; this.LastUpdatedOn = remediation.LastUpdatedOn; this.ProvisioningState = remediation.ProvisioningState; this.Filters = remediation.Filters != null ? new PSRemediationFilter(remediation.Filters) : null; this.DeploymentSummary = remediation.DeploymentStatus != null ? new PSRemediationDeploymentSummary(remediation.DeploymentStatus) : null; if (deployments != null) { this.Deployments = deployments.Select(d => new PSRemediationDeployment(d)).ToArray(); } }
/// <summary> /// Checks whether a remediation is complete. /// </summary> /// <param name="remediation">The remediation to check.</param> /// <returns>True if the remediation is complete.</returns> protected bool IsComplete(Remediation remediation) { return(RemediationCmdletBase.TerminalStates.Contains(remediation.ProvisioningState)); }
public static void ParceCVEJson() { if (CVEHolder == null) { CVEHolder = new SortedDictionary <string, List <string> >(); } if (garbage == null) { garbage = new List <string>(); } DirectoryInfo d = new DirectoryInfo(@"C:\Users\patilp\OneDrive - HP Inc\Desktop\Windows UpdaTE poc\XML Files"); FileInfo[] Files = d.GetFiles("*.json"); foreach (FileInfo file in Files) { Console.WriteLine("Parcing File : " + file); try { JObject JsonFile = JObject.Parse(File.ReadAllText(file.FullName.ToString())); List <JToken> VulnerabilityList = JsonFile.SelectToken("Vulnerability").ToList(); foreach (var Vulnerability in VulnerabilityList) { Dictionary <string, string> ProductVsSeverity = new Dictionary <string, string>(); List <JToken> ThreatList = Vulnerability.SelectToken("Threats").ToList(); foreach (var threat in ThreatList) { JToken ProdToken = threat.SelectToken("ProductID"); if (ProdToken == null) { continue; } List <JToken> JtokenproductID = ProdToken.ToList(); foreach (var item in JtokenproductID) { string productID = item.ToObject <string>(); var value = threat.SelectToken("Description.Value"); if (value == null) { continue; } string Severity = threat.SelectToken("Description.Value").ToObject <string>(); if (Severity == "Important" || Severity == "Critical") { if (ProductVsSeverity.ContainsKey(productID)) { ProductVsSeverity[productID] = ProductVsSeverity[productID] + " " + Severity; } else { ProductVsSeverity.Add(productID, Severity); } } } } string CVE_ID = Vulnerability.SelectToken("CVE").ToObject <string>(); List <JToken> RemediationsList = Vulnerability.SelectToken("Remediations").ToList(); foreach (var Remediation in RemediationsList) { String KBCode = "Not Found"; string KBSeverity = ""; var ProductToken = Remediation.SelectToken("ProductID"); if (ProductToken == null) { continue; } List <JToken> ProductList = Remediation.SelectToken("ProductID").ToList(); foreach (var item in ProductList) { if (ProductVsSeverity.ContainsKey(item.ToString())) { KBSeverity = KBSeverity + " " + ProductVsSeverity[item.ToString()]; } } JToken KBCodeToken = Remediation.SelectToken("Description.Value"); if (KBCodeToken != null) { KBCode = KBCodeToken.ToObject <string>(); } if (!CVEHolder.ContainsKey(KBCode) && KBCode.Length < 10) { List <string> CVEList = new List <string>(); CVEHolder.Add(KBCode, CVEList); } else if (KBCode.Length >= 10) { garbage.Add(KBCode); continue; } /*if (!CVEHolder[KBCode].Contains(CVE_ID)) * CVEHolder[KBCode].Add(CVE_ID);*/ if (!CVEHolder[KBCode].Contains(KBSeverity)) { CVEHolder[KBCode].Add(KBSeverity); } } } } catch (Exception ex) { Console.WriteLine("Exception Occured While Parcing File " + file + ":" + ex.Message); } } }
public void Remediations_SubscriptionCrud() { using (var context = MockContext.Start(this.GetType())) { var policyInsightsClient = context.GetServiceClient <PolicyInsightsClient>(); // Create a single policy remediation var remediationName = "b49b6437-706d-4208-8508-65d87a9b2e37"; var remediationParams = new Remediation { PolicyAssignmentId = PolicyAssignmentId, Filters = new RemediationFilters(new[] { "eastus" }), ParallelDeployments = 1, ResourceCount = 1, FailureThreshold = new RemediationPropertiesFailureThreshold { Percentage = 0.42 } }; var createdRemediation = policyInsightsClient.Remediations.CreateOrUpdateAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName, parameters: remediationParams); Assert.Equal(ProvisioningState.Accepted, createdRemediation.ProvisioningState); Assert.Equal(0, createdRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, createdRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: createdRemediation, remediationName: remediationName); var completedRemediation = this.WaitForCompletion(() => policyInsightsClient.Remediations.GetAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName)); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, completedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, completedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, completedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: completedRemediation, remediationName: remediationName); // List deployments for the remediation var deployments = policyInsightsClient.Remediations.ListDeploymentsAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName); Assert.Single(deployments); var deployment = deployments.First(); this.ValidateDeployment(deployment); Assert.Contains("/subscriptions/" + SubscriptionId, deployment.DeploymentId, StringComparison.OrdinalIgnoreCase); Assert.Equal("eastus", deployment.ResourceLocation); Assert.Contains("Microsoft.KeyVault/vaults", deployment.RemediatedResourceId, StringComparison.OrdinalIgnoreCase); // Cancel the completed remediation, should fail try { policyInsightsClient.Remediations.CancelAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName); Assert.True(false, "Cancelling a completed remediation should have thrown an error"); } catch (ErrorResponseException ex) { Assert.Equal("InvalidCancelRemediationRequest", ex.Body.Error.Code); Assert.Contains("A completed remediation cannot be cancelled", ex.Body.Error.Message, StringComparison.OrdinalIgnoreCase); } // Delete the remediation var deletedRemediation = policyInsightsClient.Remediations.DeleteAtSubscription(subscriptionId: SubscriptionId, remediationName: remediationName); Assert.Equal(ProvisioningState.Succeeded, completedRemediation.ProvisioningState); Assert.Equal(1, deletedRemediation.DeploymentStatus.TotalDeployments); Assert.Equal(1, deletedRemediation.DeploymentStatus.SuccessfulDeployments); Assert.Equal(0, deletedRemediation.DeploymentStatus.FailedDeployments); this.ValidateRemediation(expected: remediationParams, actual: deletedRemediation, remediationName: remediationName); } }