diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py b/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py index 6570ace507ee..6d4bd5f3c186 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/__init__.py @@ -108,6 +108,7 @@ from .server_automatic_tuning_py3 import ServerAutomaticTuning from .server_dns_alias_py3 import ServerDnsAlias from .server_dns_alias_acquisition_py3 import ServerDnsAliasAcquisition + from .server_security_alert_policy_py3 import ServerSecurityAlertPolicy from .restore_point_py3 import RestorePoint from .create_database_restore_point_definition_py3 import CreateDatabaseRestorePointDefinition from .database_operation_py3 import DatabaseOperation @@ -243,6 +244,7 @@ from .server_automatic_tuning import ServerAutomaticTuning from .server_dns_alias import ServerDnsAlias from .server_dns_alias_acquisition import ServerDnsAliasAcquisition + from .server_security_alert_policy import ServerSecurityAlertPolicy from .restore_point import RestorePoint from .create_database_restore_point_definition import CreateDatabaseRestorePointDefinition from .database_operation import DatabaseOperation @@ -388,6 +390,7 @@ ManagedDatabaseCreateMode, AutomaticTuningServerMode, AutomaticTuningServerReason, + SecurityAlertState, RestorePointType, ManagementOperationState, MaxSizeUnit, @@ -508,6 +511,7 @@ 'ServerAutomaticTuning', 'ServerDnsAlias', 'ServerDnsAliasAcquisition', + 'ServerSecurityAlertPolicy', 'RestorePoint', 'CreateDatabaseRestorePointDefinition', 'DatabaseOperation', @@ -652,6 +656,7 @@ 'ManagedDatabaseCreateMode', 'AutomaticTuningServerMode', 'AutomaticTuningServerReason', + 'SecurityAlertState', 'RestorePointType', 'ManagementOperationState', 'MaxSizeUnit', diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py new file mode 100644 index 000000000000..428a8edb608b --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy.py @@ -0,0 +1,82 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource import ProxyResource + + +class ServerSecurityAlertPolicy(ProxyResource): + """A server security alert policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy, whether it is + enabled or disabled. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.SecurityAlertState + :param disabled_alerts: Specifies an array of alerts that are disabled. + Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, + Access_Anomaly + :type disabled_alerts: list[str] + :param email_addresses: Specifies an array of e-mail addresses to which + the alert is sent. + :type email_addresses: list[str] + :param email_account_admins: Specifies that the alert is sent to the + account administrators. + :type email_account_admins: bool + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). This blob storage will hold all + Threat Detection audit logs. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + Threat Detection audit storage account. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the Threat + Detection audit logs. + :type retention_days: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'SecurityAlertState'}, + 'disabled_alerts': {'key': 'properties.disabledAlerts', 'type': '[str]'}, + 'email_addresses': {'key': 'properties.emailAddresses', 'type': '[str]'}, + 'email_account_admins': {'key': 'properties.emailAccountAdmins', 'type': 'bool'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + } + + def __init__(self, **kwargs): + super(ServerSecurityAlertPolicy, self).__init__(**kwargs) + self.state = kwargs.get('state', None) + self.disabled_alerts = kwargs.get('disabled_alerts', None) + self.email_addresses = kwargs.get('email_addresses', None) + self.email_account_admins = kwargs.get('email_account_admins', None) + self.storage_endpoint = kwargs.get('storage_endpoint', None) + self.storage_account_access_key = kwargs.get('storage_account_access_key', None) + self.retention_days = kwargs.get('retention_days', None) diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py new file mode 100644 index 000000000000..62457fadcf25 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/models/server_security_alert_policy_py3.py @@ -0,0 +1,82 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +from .proxy_resource_py3 import ProxyResource + + +class ServerSecurityAlertPolicy(ProxyResource): + """A server security alert policy. + + Variables are only populated by the server, and will be ignored when + sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Resource ID. + :vartype id: str + :ivar name: Resource name. + :vartype name: str + :ivar type: Resource type. + :vartype type: str + :param state: Required. Specifies the state of the policy, whether it is + enabled or disabled. Possible values include: 'Enabled', 'Disabled' + :type state: str or ~azure.mgmt.sql.models.SecurityAlertState + :param disabled_alerts: Specifies an array of alerts that are disabled. + Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, + Access_Anomaly + :type disabled_alerts: list[str] + :param email_addresses: Specifies an array of e-mail addresses to which + the alert is sent. + :type email_addresses: list[str] + :param email_account_admins: Specifies that the alert is sent to the + account administrators. + :type email_account_admins: bool + :param storage_endpoint: Specifies the blob storage endpoint (e.g. + https://MyAccount.blob.core.windows.net). This blob storage will hold all + Threat Detection audit logs. + :type storage_endpoint: str + :param storage_account_access_key: Specifies the identifier key of the + Threat Detection audit storage account. + :type storage_account_access_key: str + :param retention_days: Specifies the number of days to keep in the Threat + Detection audit logs. + :type retention_days: int + """ + + _validation = { + 'id': {'readonly': True}, + 'name': {'readonly': True}, + 'type': {'readonly': True}, + 'state': {'required': True}, + } + + _attribute_map = { + 'id': {'key': 'id', 'type': 'str'}, + 'name': {'key': 'name', 'type': 'str'}, + 'type': {'key': 'type', 'type': 'str'}, + 'state': {'key': 'properties.state', 'type': 'SecurityAlertState'}, + 'disabled_alerts': {'key': 'properties.disabledAlerts', 'type': '[str]'}, + 'email_addresses': {'key': 'properties.emailAddresses', 'type': '[str]'}, + 'email_account_admins': {'key': 'properties.emailAccountAdmins', 'type': 'bool'}, + 'storage_endpoint': {'key': 'properties.storageEndpoint', 'type': 'str'}, + 'storage_account_access_key': {'key': 'properties.storageAccountAccessKey', 'type': 'str'}, + 'retention_days': {'key': 'properties.retentionDays', 'type': 'int'}, + } + + def __init__(self, *, state, disabled_alerts=None, email_addresses=None, email_account_admins: bool=None, storage_endpoint: str=None, storage_account_access_key: str=None, retention_days: int=None, **kwargs) -> None: + super(ServerSecurityAlertPolicy, self).__init__(**kwargs) + self.state = state + self.disabled_alerts = disabled_alerts + self.email_addresses = email_addresses + self.email_account_admins = email_account_admins + self.storage_endpoint = storage_endpoint + self.storage_account_access_key = storage_account_access_key + self.retention_days = retention_days diff --git a/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py b/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py index 273dd0d3484b..1a9912914186 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py +++ b/azure-mgmt-sql/azure/mgmt/sql/models/sql_management_client_enums.py @@ -515,6 +515,12 @@ class AutomaticTuningServerReason(str, Enum): auto_configured = "AutoConfigured" +class SecurityAlertState(str, Enum): + + enabled = "Enabled" + disabled = "Disabled" + + class RestorePointType(str, Enum): continuous = "CONTINUOUS" diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py b/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py index 953bb00775df..6a439bd7367f 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/__init__.py @@ -60,6 +60,7 @@ from .managed_databases_operations import ManagedDatabasesOperations from .server_automatic_tuning_operations import ServerAutomaticTuningOperations from .server_dns_aliases_operations import ServerDnsAliasesOperations +from .server_security_alert_policies_operations import ServerSecurityAlertPoliciesOperations from .restore_points_operations import RestorePointsOperations from .database_operations import DatabaseOperations from .elastic_pool_operations import ElasticPoolOperations @@ -120,6 +121,7 @@ 'ManagedDatabasesOperations', 'ServerAutomaticTuningOperations', 'ServerDnsAliasesOperations', + 'ServerSecurityAlertPoliciesOperations', 'RestorePointsOperations', 'DatabaseOperations', 'ElasticPoolOperations', diff --git a/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py b/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py new file mode 100644 index 000000000000..ddbd335574b4 --- /dev/null +++ b/azure-mgmt-sql/azure/mgmt/sql/operations/server_security_alert_policies_operations.py @@ -0,0 +1,211 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for +# license information. +# +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is +# regenerated. +# -------------------------------------------------------------------------- + +import uuid +from msrest.pipeline import ClientRawResponse +from msrestazure.azure_exceptions import CloudError +from msrest.polling import LROPoller, NoPolling +from msrestazure.polling.arm_polling import ARMPolling + +from .. import models + + +class ServerSecurityAlertPoliciesOperations(object): + """ServerSecurityAlertPoliciesOperations operations. + + :param client: Client for service requests. + :param config: Configuration of service client. + :param serializer: An object model serializer. + :param deserializer: An object model deserializer. + :ivar security_alert_policy_name: The name of the security alert policy. Constant value: "Default". + :ivar api_version: The API version to use for the request. Constant value: "2017-03-01-preview". + """ + + models = models + + def __init__(self, client, config, serializer, deserializer): + + self._client = client + self._serialize = serializer + self._deserialize = deserializer + self.security_alert_policy_name = "Default" + self.api_version = "2017-03-01-preview" + + self.config = config + + def get( + self, resource_group_name, server_name, custom_headers=None, raw=False, **operation_config): + """Get a server's security alert policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param dict custom_headers: headers that will be added to the request + :param bool raw: returns the direct response alongside the + deserialized response + :param operation_config: :ref:`Operation configuration + overrides`. + :return: ServerSecurityAlertPolicy or ClientRawResponse if raw=true + :rtype: ~azure.mgmt.sql.models.ServerSecurityAlertPolicy or + ~msrest.pipeline.ClientRawResponse + :raises: :class:`CloudError` + """ + # Construct URL + url = self.get.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'securityAlertPolicyName': self._serialize.url("self.security_alert_policy_name", self.security_alert_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct and send request + request = self._client.get(url, query_parameters) + response = self._client.send(request, header_parameters, stream=False, **operation_config) + + if response.status_code not in [200]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + get.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}'} + + + def _create_or_update_initial( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, **operation_config): + # Construct URL + url = self.create_or_update.metadata['url'] + path_format_arguments = { + 'resourceGroupName': self._serialize.url("resource_group_name", resource_group_name, 'str'), + 'serverName': self._serialize.url("server_name", server_name, 'str'), + 'securityAlertPolicyName': self._serialize.url("self.security_alert_policy_name", self.security_alert_policy_name, 'str'), + 'subscriptionId': self._serialize.url("self.config.subscription_id", self.config.subscription_id, 'str') + } + url = self._client.format_url(url, **path_format_arguments) + + # Construct parameters + query_parameters = {} + query_parameters['api-version'] = self._serialize.query("self.api_version", self.api_version, 'str') + + # Construct headers + header_parameters = {} + header_parameters['Content-Type'] = 'application/json; charset=utf-8' + if self.config.generate_client_request_id: + header_parameters['x-ms-client-request-id'] = str(uuid.uuid1()) + if custom_headers: + header_parameters.update(custom_headers) + if self.config.accept_language is not None: + header_parameters['accept-language'] = self._serialize.header("self.config.accept_language", self.config.accept_language, 'str') + + # Construct body + body_content = self._serialize.body(parameters, 'ServerSecurityAlertPolicy') + + # Construct and send request + request = self._client.put(url, query_parameters) + response = self._client.send( + request, header_parameters, body_content, stream=False, **operation_config) + + if response.status_code not in [200, 202]: + exp = CloudError(response) + exp.request_id = response.headers.get('x-ms-request-id') + raise exp + + deserialized = None + + if response.status_code == 200: + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + def create_or_update( + self, resource_group_name, server_name, parameters, custom_headers=None, raw=False, polling=True, **operation_config): + """Creates or updates a threat detection policy. + + :param resource_group_name: The name of the resource group that + contains the resource. You can obtain this value from the Azure + Resource Manager API or the portal. + :type resource_group_name: str + :param server_name: The name of the server. + :type server_name: str + :param parameters: The server security alert policy. + :type parameters: ~azure.mgmt.sql.models.ServerSecurityAlertPolicy + :param dict custom_headers: headers that will be added to the request + :param bool raw: The poller return type is ClientRawResponse, the + direct response alongside the deserialized response + :param polling: True for ARMPolling, False for no polling, or a + polling object for personal polling strategy + :return: An instance of LROPoller that returns + ServerSecurityAlertPolicy or + ClientRawResponse if raw==True + :rtype: + ~msrestazure.azure_operation.AzureOperationPoller[~azure.mgmt.sql.models.ServerSecurityAlertPolicy] + or + ~msrestazure.azure_operation.AzureOperationPoller[~msrest.pipeline.ClientRawResponse[~azure.mgmt.sql.models.ServerSecurityAlertPolicy]] + :raises: :class:`CloudError` + """ + raw_result = self._create_or_update_initial( + resource_group_name=resource_group_name, + server_name=server_name, + parameters=parameters, + custom_headers=custom_headers, + raw=True, + **operation_config + ) + + def get_long_running_output(response): + deserialized = self._deserialize('ServerSecurityAlertPolicy', response) + + if raw: + client_raw_response = ClientRawResponse(deserialized, response) + return client_raw_response + + return deserialized + + lro_delay = operation_config.get( + 'long_running_operation_timeout', + self.config.long_running_operation_timeout) + if polling is True: polling_method = ARMPolling(lro_delay, **operation_config) + elif polling is False: polling_method = NoPolling() + else: polling_method = polling + return LROPoller(self._client, raw_result, get_long_running_output, polling_method) + create_or_update.metadata = {'url': '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}'} diff --git a/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py b/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py index 39a53dad15fb..9afb33b63ea4 100644 --- a/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py +++ b/azure-mgmt-sql/azure/mgmt/sql/sql_management_client.py @@ -64,6 +64,7 @@ from .operations.managed_databases_operations import ManagedDatabasesOperations from .operations.server_automatic_tuning_operations import ServerAutomaticTuningOperations from .operations.server_dns_aliases_operations import ServerDnsAliasesOperations +from .operations.server_security_alert_policies_operations import ServerSecurityAlertPoliciesOperations from .operations.restore_points_operations import RestorePointsOperations from .operations.database_operations import DatabaseOperations from .operations.elastic_pool_operations import ElasticPoolOperations @@ -215,6 +216,8 @@ class SqlManagementClient(SDKClient): :vartype server_automatic_tuning: azure.mgmt.sql.operations.ServerAutomaticTuningOperations :ivar server_dns_aliases: ServerDnsAliases operations :vartype server_dns_aliases: azure.mgmt.sql.operations.ServerDnsAliasesOperations + :ivar server_security_alert_policies: ServerSecurityAlertPolicies operations + :vartype server_security_alert_policies: azure.mgmt.sql.operations.ServerSecurityAlertPoliciesOperations :ivar restore_points: RestorePoints operations :vartype restore_points: azure.mgmt.sql.operations.RestorePointsOperations :ivar database_operations: DatabaseOperations operations @@ -351,6 +354,8 @@ def __init__( self._client, self.config, self._serialize, self._deserialize) self.server_dns_aliases = ServerDnsAliasesOperations( self._client, self.config, self._serialize, self._deserialize) + self.server_security_alert_policies = ServerSecurityAlertPoliciesOperations( + self._client, self.config, self._serialize, self._deserialize) self.restore_points = RestorePointsOperations( self._client, self.config, self._serialize, self._deserialize) self.database_operations = DatabaseOperations(