/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetDatabaseThreatDetectionPolicy(DatabaseThreatDetectionPolicyModel model, String clientId)
{
if (model.ThreatDetectionState == ThreatDetectionStateType.Enabled)
{
if (!IsRightServerVersionForThreatDetection(model.ResourceGroupName, model.ServerName, clientId))
{
throw new Exception(Properties.Resources.ServerNotApplicableForThreatDetection);
}
// Check that auditing is turned on:
DatabaseAuditingPolicyModel databaseAuditingPolicyModel = AuditingAdapter.GetDatabaseAuditingPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId);
AuditStateType auditingState = databaseAuditingPolicyModel.AuditState;
if (databaseAuditingPolicyModel.UseServerDefault == UseServerDefaultOptions.Enabled)
{
ServerAuditingPolicyModel serverAuditingPolicyModel = AuditingAdapter.GetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId);
auditingState = serverAuditingPolicyModel.AuditState;
}
if (auditingState != AuditStateType.Enabled)
{
throw new Exception(Properties.Resources.AuditingIsTurnedOff);
}
}
DatabaseSecurityAlertPolicyCreateOrUpdateParameters databaseSecurityAlertPolicyParameters = PolicizeDatabaseSecurityAlertModel(model);
ThreatDetectionCommunicator.SetDatabaseSecurityAlertPolicy(model.ResourceGroupName, model.ServerName, model.DatabaseName, clientId, databaseSecurityAlertPolicyParameters);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel UpdateModel(ServerAuditingPolicyModel model)
{
base.UpdateModel(model);
model.AuditState = AuditStateType.Enabled;
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (!string.IsNullOrEmpty(StorageKeyType)) // the user enter a key type - we use it (and running over the previously defined key type)
{
model.StorageKeyType = (StorageKeyType == Constants.Primary) ? StorageKeyKind.Primary : StorageKeyKind.Secondary;
}
ProcessShortcuts();
if (EventType != null) // the user provided event types to audit
{
Dictionary <string, AuditEventType> events = new Dictionary <string, AuditEventType>()
{
{ Constants.DataAccess, AuditEventType.DataAccess },
{ Constants.DataChanges, AuditEventType.DataChanges },
{ Constants.SecurityExceptions, AuditEventType.SecurityExceptions },
{ Constants.RevokePermissions, AuditEventType.RevokePermissions },
{ Constants.SchemaChanges, AuditEventType.SchemaChanges }
};
model.EventType = EventType.Select(s => events[s]).ToArray();
}
return(model);
}
/// <summary>
/// Transforms the given server policy object to its cmdlet model representation
/// </summary>
private ServerAuditingPolicyModel ModelizeServerAuditPolicy(ServerAuditingPolicy policy)
{
ServerAuditingPolicyModel serverPolicyModel = new ServerAuditingPolicyModel();
ServerAuditingPolicyProperties properties = policy.Properties;
serverPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
ModelizeStorageInfo(serverPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
ModelizeEventTypesInfo(serverPolicyModel, properties.EventTypesToAudit);
return(serverPolicyModel);
}
/// <summary>
/// Transforms the given server policy object to its cmdlet model representation
/// </summary>
private ServerAuditingPolicyModel ModelizeServerAuditPolicy(ServerAuditingPolicy policy)
{
var serverPolicyModel = new ServerAuditingPolicyModel();
var properties = policy.Properties;
serverPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
ModelizeStorageInfo(serverPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
ModelizeEventTypesInfo(serverPolicyModel, properties.EventTypesToAudit);
ModelizeRetentionInfo(serverPolicyModel, properties.RetentionDays, properties.AuditLogsTableName, properties.FullAuditLogsTableName);
return(serverPolicyModel);
}
/// <summary>
/// Provides a database server audit policy model for the given database
/// </summary>
public ServerAuditingPolicyModel GetServerAuditingPolicy(string resourceGroup, string serverName, string requestId)
{
ServerAuditingPolicy policy = Communicator.GetServerAuditingPolicy(resourceGroup, serverName, requestId);
ServerAuditingPolicyModel serverPolicyModel = ModelizeServerAuditPolicy(policy);
serverPolicyModel.ResourceGroupName = resourceGroup;
serverPolicyModel.ServerName = serverName;
FetchedStorageAccountName = policy.Properties.StorageAccountName;
FetchedStorageAccountResourceGroup = policy.Properties.StorageAccountResourceGroupName;
FetchedStorageAccountSubscription = policy.Properties.StorageAccountSubscriptionId;
FetchedStorageAccountTableEndpoint = policy.Properties.StorageTableEndpoint;
return serverPolicyModel;
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel ApplyUserInputToModel(ServerAuditingPolicyModel model)
{
base.ApplyUserInputToModel(model);
AuditStateType orgAuditStateType = model.AuditState;
model.AuditState = AuditStateType.Enabled;
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (!string.IsNullOrEmpty(StorageKeyType)) // the user enter a key type - we use it (and running over the previously defined key type)
{
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary) ? StorageKeyKind.Primary : StorageKeyKind.Secondary;
}
EventType = Util.ProcessAuditEvents(EventType);
if (EventType != null) // the user provided event types to audit
{
model.EventType = EventType.Select(s => SecurityConstants.AuditEventsToAuditEventType[s]).ToArray();
}
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (TableIdentifier == null)
{
if ((orgAuditStateType == AuditStateType.New) && (model.RetentionInDays > 0))
{
// If retention days is greater than 0 and no audit table identifier is supplied , we throw exception giving the user hint on the recommended TableIdentifier we got from the CSM
throw new Exception(string.Format(Resources.InvalidRetentionTypeSet, model.TableIdentifier));
}
}
else
{
model.TableIdentifier = TableIdentifier;
}
if (Util.DeprecatedEventTypeFound(EventType))
{
WriteWarning(string.Format(Resources.DeprecatedEventTypeUsed));
}
return(model);
}
/// <summary>
/// Provides a database server audit policy model for the given database
/// </summary>
public void GetServerAuditingPolicy(string resourceGroup, string serverName, out ServerAuditingPolicyModel model)
{
ServerAuditingPolicy policy;
Communicator.GetServerAuditingPolicy(resourceGroup, serverName, out policy);
var serverPolicyModel = ModelizeServerAuditPolicy(policy);
serverPolicyModel.AuditType = AuditType.Table;
serverPolicyModel.ResourceGroupName = resourceGroup;
serverPolicyModel.ServerName = serverName;
FetchedStorageAccountName = policy.Properties.StorageAccountName;
FetchedStorageAccountResourceGroup = policy.Properties.StorageAccountResourceGroupName;
FetchedStorageAccountSubscription = policy.Properties.StorageAccountSubscriptionId;
FetchedStorageAccountTableEndpoint = policy.Properties.StorageTableEndpoint;
model = serverPolicyModel;
}
private void ApplyUserInputToTableAuditingModel(ServerAuditingPolicyModel model)
{
var orgAuditStateType = model.AuditState;
model.AuditState = AuditStateType.Enabled;
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
ModelAdapter.ClearStorageDetailsCache();
}
if (MyInvocation.BoundParameters.ContainsKey(SecurityConstants.StorageKeyType)) // the user enter a key type - we use it (and running over the previously defined key type)
{
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary) ? StorageKeyKind.Primary : StorageKeyKind.Secondary;
}
EventType = Util.ProcessAuditEvents(EventType);
if (EventType != null) // the user provided event types to audit
{
model.EventType = EventType.Select(s => SecurityConstants.AuditEventsToAuditEventType[s]).ToArray();
}
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (TableIdentifier == null)
{
if ((orgAuditStateType == AuditStateType.New) && (model.RetentionInDays > 0))
{
// If retention days is greater than 0 and no audit table identifier is supplied , we throw exception giving the user hint on the recommended TableIdentifier we got from the CSM
throw new Exception(string.Format(Properties.Resources.InvalidRetentionTypeSet, model.TableIdentifier));
}
}
else
{
model.TableIdentifier = TableIdentifier;
}
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="policy">The AuditingPolicy object</param>
/// <returns>The communication model object</returns>
private ServerAuditingPolicyCreateOrUpdateParameters PolicizeServerAuditingModel(ServerAuditingPolicyModel model)
{
ServerAuditingPolicyCreateOrUpdateParameters updateParameters = new ServerAuditingPolicyCreateOrUpdateParameters();
ServerAuditingPolicyProperties properties = new ServerAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
return(updateParameters);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerAuditingPolicy(ServerAuditingPolicyModel model, String clientId)
{
ServerAuditingPolicyCreateOrUpdateParameters parameters = PolicizeServerAuditingModel(model);
Communicator.SetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, parameters);
}
/// <summary>
/// This method is responsible to call the right API in the communication layer that will eventually send the information in the
/// object to the REST endpoint
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerAuditingPolicyModel PersistChanges(ServerAuditingPolicyModel model)
{
ModelAdapter.IgnoreStorage = true;
base.PersistChanges(model);
return(null);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel ApplyUserInputToModel(ServerAuditingPolicyModel model)
{
base.ApplyUserInputToModel(model);
model.AuditState = AuditStateType.Disabled;
return(model);
}
/// <summary>
/// No sending is needed as this is a Get cmdlet
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override void SendModel(ServerAuditingPolicyModel model)
{
}
/// <summary>
/// This method is responsible to call the right API in the communication layer that will eventually send the information in the
/// object to the REST endpoint
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override void SendModel(ServerAuditingPolicyModel model)
{
ModelAdapter.IgnoreStorage = true;
base.SendModel(model);
}
/// <summary>
/// No sending is needed as this is a Get cmdlet
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerAuditingPolicyModel PersistChanges(ServerAuditingPolicyModel model)
{
return null;
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerAuditingPolicy(ServerAuditingPolicyModel model, String clientId)
{
ServerAuditingPolicyCreateOrUpdateParameters parameters = PolicizeServerAuditingModel(model);
Communicator.SetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, parameters);
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerAuditingPolicy(ServerAuditingPolicyModel model, string clientId, string storageEndpointSuffix)
{
var parameters = PolicizeServerAuditingModel(model, storageEndpointSuffix);
Communicator.SetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, parameters);
}
/// <summary>
/// No sending is needed as this is a Get cmdlet
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerAuditingPolicyModel PersistChanges(ServerAuditingPolicyModel model)
{
return(null);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel ApplyUserInputToModel(ServerAuditingPolicyModel model)
{
base.ApplyUserInputToModel(model);
AuditStateType orgAuditStateType = model.AuditState;
model.AuditState = AuditStateType.Enabled;
if (StorageAccountName != null)
{
model.StorageAccountName = StorageAccountName;
}
if (!string.IsNullOrEmpty(StorageKeyType)) // the user enter a key type - we use it (and running over the previously defined key type)
{
model.StorageKeyType = (StorageKeyType == SecurityConstants.Primary) ? StorageKeyKind.Primary : StorageKeyKind.Secondary;
}
EventType = Util.ProcessAuditEvents(EventType);
if (EventType != null) // the user provided event types to audit
{
model.EventType = EventType.Select(s => SecurityConstants.AuditEventsToAuditEventType[s]).ToArray();
}
if (RetentionInDays != null)
{
model.RetentionInDays = RetentionInDays;
}
if (TableIdentifier == null)
{
if ((orgAuditStateType == AuditStateType.New) && (model.RetentionInDays > 0))
{
// If retention days is greater than 0 and no audit table identifier is supplied , we throw exception giving the user hint on the recommended TableIdentifier we got from the CSM
throw new Exception(string.Format(Resources.InvalidRetentionTypeSet, model.TableIdentifier));
}
}
else
{
model.TableIdentifier = TableIdentifier;
}
return model;
}
/// <summary>
/// Provides a database server audit policy model for the given database
/// </summary>
public void GetServerAuditingPolicy(string resourceGroup, string serverName, string requestId, out ServerAuditingPolicyModel model)
{
ServerAuditingPolicy policy;
Communicator.GetServerAuditingPolicy(resourceGroup, serverName, requestId, out policy);
var serverPolicyModel = ModelizeServerAuditPolicy(policy);
serverPolicyModel.ResourceGroupName = resourceGroup;
serverPolicyModel.ServerName = serverName;
FetchedStorageAccountName = policy.Properties.StorageAccountName;
FetchedStorageAccountResourceGroup = policy.Properties.StorageAccountResourceGroupName;
FetchedStorageAccountSubscription = policy.Properties.StorageAccountSubscriptionId;
FetchedStorageAccountTableEndpoint = policy.Properties.StorageTableEndpoint;
model = serverPolicyModel;
}
/// <summary>
/// Transforms the given model to its endpoints acceptable structure and sends it to the endpoint
/// </summary>
public void SetServerAuditingPolicy(ServerAuditingPolicyModel model, string clientId, string storageEndpointSuffix)
{
var parameters = PolicizeServerAuditingModel(model, storageEndpointSuffix);
Communicator.SetServerAuditingPolicy(model.ResourceGroupName, model.ServerName, clientId, parameters);
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The AuditingPolicy model object</param>
/// <param name="storageEndpointSuffix">The suffix of the storage endpoint</param>
/// <returns>The communication model object</returns>
private ServerAuditingPolicyCreateOrUpdateParameters PolicizeServerAuditingModel(ServerAuditingPolicyModel model, string storageEndpointSuffix)
{
var updateParameters = new ServerAuditingPolicyCreateOrUpdateParameters();
var properties = new ServerAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = model.AuditState.ToString();
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName, storageEndpointSuffix);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
properties.RetentionDays = model.RetentionInDays.ToString();
properties.AuditLogsTableName = model.TableIdentifier;
return(updateParameters);
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel ApplyUserInputToModel(ServerAuditingPolicyModel model)
{
base.ApplyUserInputToModel(model);
model.AuditState = AuditStateType.Disabled;
return model;
}
/// <summary>
/// Transforms the given server policy object to its cmdlet model representation
/// </summary>
private ServerAuditingPolicyModel ModelizeServerAuditPolicy(ServerAuditingPolicy policy)
{
ServerAuditingPolicyModel serverPolicyModel = new ServerAuditingPolicyModel();
ServerAuditingPolicyProperties properties = policy.Properties;
serverPolicyModel.AuditState = ModelizeAuditState(properties.AuditingState);
ModelizeStorageInfo(serverPolicyModel, properties.StorageAccountName, properties.StorageAccountKey, properties.StorageAccountSecondaryKey);
ModelizeEventTypesInfo(serverPolicyModel, properties.EventTypesToAudit);
ModelizeRetentionInfo(serverPolicyModel, properties.RetentionDays, properties.AuditLogsTableName);
return serverPolicyModel;
}
/// <summary>
/// This method is responsible to call the right API in the communication layer that will eventually send the information in the
/// object to the REST endpoint
/// </summary>
/// <param name="model">The model object with the data to be sent to the REST endpoints</param>
protected override ServerAuditingPolicyModel PersistChanges(ServerAuditingPolicyModel model)
{
ModelAdapter.IgnoreStorage = true;
base.PersistChanges(model);
return null;
}
/// <summary>
/// Takes the cmdlets model object and transform it to the policy as expected by the endpoint
/// </summary>
/// <param name="model">The AuditingPolicy model object</param>
/// <returns>The communication model object</returns>
private ServerAuditingPolicyCreateOrUpdateParameters PolicizeServerAuditingModel(ServerAuditingPolicyModel model)
{
ServerAuditingPolicyCreateOrUpdateParameters updateParameters = new ServerAuditingPolicyCreateOrUpdateParameters();
ServerAuditingPolicyProperties properties = new ServerAuditingPolicyProperties();
updateParameters.Properties = properties;
properties.AuditingState = PolicizeAuditState(model.AuditState);
properties.StorageAccountName = ExtractStorageAccountName(model);
properties.StorageAccountResourceGroupName = ExtractStorageAccountResourceGroup(properties.StorageAccountName);
properties.StorageAccountSubscriptionId = ExtractStorageAccountSubscriptionId(properties.StorageAccountName);
properties.StorageTableEndpoint = ExtractStorageAccountTableEndpoint(properties.StorageAccountName);
properties.StorageAccountKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Primary);
properties.StorageAccountSecondaryKey = ExtractStorageAccountKey(properties.StorageAccountName, model, properties.StorageAccountResourceGroupName, StorageKeyKind.Secondary);
properties.EventTypesToAudit = ExtractEventTypes(model);
properties.RetentionDays = model.RetentionInDays.ToString();
properties.AuditLogsTableName = model.TableIdentifier;
return updateParameters;
}
/// <summary>
/// Updates the given model element with the cmdlet specific operation
/// </summary>
/// <param name="model">A model object</param>
protected override ServerAuditingPolicyModel UpdateModel(ServerAuditingPolicyModel model)
{
base.UpdateModel(model);
model.AuditState = AuditStateType.Disabled;
return(model);
}
