public override void ExecuteCmdlet()
{
if (ShouldProcess(Name, VerbsCommon.Set))
{
var metadata = new SecurityAssessmentMetadata(displayName: DisplayName, severity: Severity, assessmentType: "CustomerManaged", description: Description, remediationDescription: RemediationDescription);
var result = SecurityCenterClient.AssessmentsMetadata.CreateInSubscriptionWithHttpMessagesAsync(Name, metadata).GetAwaiter().GetResult().Body;
WriteObject(result.ConvertToPSType(), enumerateCollection: true);
}
}
public static PSSecurityAssessmentMetadata ConvertToPSType(this SecurityAssessmentMetadata value)
{
return(new PSSecurityAssessmentMetadata()
{
Id = value.Id,
Name = value.Name,
AssessmentType = value.AssessmentType,
Description = value.Description,
DisplayName = value.DisplayName,
PolicyDefinitionId = value.PolicyDefinitionId,
RemediationDescription = value.RemediationDescription,
Severity = value.Severity
});
}
public void Assessments_CreateOrUpdate_ResourceGroup_Scope()
{
string resourceId = $"/subscriptions/{SubscriptionId}/resourceGroups/myService1/providers/Microsoft.OperationalInsights/workspaces/TestServiceWS";
string assessmentName = "9b0c3939-c9db-4ffc-ad4b-4673ff25cdd8"; // randomly generated guid
using (var context = MockContext.Start(this.GetType()))
{
var securityCenterClient = GetSecurityCenterClient(context);
var securityAssessment = new SecurityAssessment()
{
ResourceDetails = new AzureResourceDetails()
{
},
Status = new AssessmentStatus()
{
Code = AssessmentStatusCode.Healthy,
Description = "NA",
Cause = "NA"
}
};
var assessmentMetadata = new SecurityAssessmentMetadata()
{
DisplayName = "Customer managed metadata",
Description = "Customer managed description",
AssessmentType = AssessmentType.CustomerManaged,
Severity = Severity.Low
};
// Assessment metadata must be created prior to creating assessments
securityCenterClient.AssessmentsMetadata.CreateInSubscription(assessmentName, assessmentMetadata);
var ret = securityCenterClient.Assessments.CreateOrUpdate(resourceId, assessmentName, securityAssessment);
ValidateResourceDetails(ret);
}
}
public override void ExecuteCmdlet()
{
switch (ParameterSetName)
{
case ParameterSetNames.SubscriptionScope:
var metadataList = SecurityCenterClient.AssessmentsMetadata.ListBySubscriptionWithHttpMessagesAsync().GetAwaiter().GetResult().Body;
WriteObject(metadataList.ConvertToPSType(), enumerateCollection: true);
break;
case ParameterSetNames.SubscriptionLevelResource:
SecurityAssessmentMetadata metadata = null;
try
{
metadata = SecurityCenterClient.AssessmentsMetadata.GetWithHttpMessagesAsync(Name).GetAwaiter().GetResult().Body;
}
catch (CloudException e) when(e.Body.Code == "ResourceNotFound")
{
}
if (metadata == null)
{
metadata = SecurityCenterClient.AssessmentsMetadata.GetInSubscriptionWithHttpMessagesAsync(Name).GetAwaiter().GetResult().Body;
}
WriteObject(metadata.ConvertToPSType(), enumerateCollection: false);
break;
case ParameterSetNames.ResourceId:
metadata = SecurityCenterClient.AssessmentsMetadata.GetWithHttpMessagesAsync(AzureIdUtilities.GetResourceName(ResourceId)).GetAwaiter().GetResult().Body;
WriteObject(metadata.ConvertToPSType(), enumerateCollection: false);
break;
default:
throw new PSInvalidOperationException();
}
}
/// <summary>
/// Create metadata information on an assessment type in a specific
/// subscription
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='assessmentMetadataName'>
/// The Assessment Key - Unique key for the assessment type
/// </param>
/// <param name='assessmentMetadata'>
/// AssessmentMetadata object
/// </param>
/// <param name='cancellationToken'>
/// The cancellation token.
/// </param>
public static async Task <SecurityAssessmentMetadata> CreateInSubscriptionAsync(this IAssessmentsMetadataOperations operations, string assessmentMetadataName, SecurityAssessmentMetadata assessmentMetadata, CancellationToken cancellationToken = default(CancellationToken))
{
using (var _result = await operations.CreateInSubscriptionWithHttpMessagesAsync(assessmentMetadataName, assessmentMetadata, null, cancellationToken).ConfigureAwait(false))
{
return(_result.Body);
}
}
/// <summary>
/// Create metadata information on an assessment type in a specific
/// subscription
/// </summary>
/// <param name='operations'>
/// The operations group for this extension method.
/// </param>
/// <param name='assessmentMetadataName'>
/// The Assessment Key - Unique key for the assessment type
/// </param>
/// <param name='assessmentMetadata'>
/// AssessmentMetadata object
/// </param>
public static SecurityAssessmentMetadata CreateInSubscription(this IAssessmentsMetadataOperations operations, string assessmentMetadataName, SecurityAssessmentMetadata assessmentMetadata)
{
return(operations.CreateInSubscriptionAsync(assessmentMetadataName, assessmentMetadata).GetAwaiter().GetResult());
}
