diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/SecurityAlertState.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/SecurityAlertState.java new file mode 100644 index 00000000000..d37831029c5 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/SecurityAlertState.java @@ -0,0 +1,53 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql; + +import com.fasterxml.jackson.annotation.JsonCreator; +import com.fasterxml.jackson.annotation.JsonValue; + +/** + * Defines values for SecurityAlertState. + */ +public enum SecurityAlertState { + /** Enum value Enabled. */ + ENABLED("Enabled"), + + /** Enum value Disabled. */ + DISABLED("Disabled"); + + /** The actual serialized value for a SecurityAlertState instance. */ + private String value; + + SecurityAlertState(String value) { + this.value = value; + } + + /** + * Parses a serialized value to a SecurityAlertState instance. + * + * @param value the serialized value to parse. + * @return the parsed SecurityAlertState object, or null if unable to parse. + */ + @JsonCreator + public static SecurityAlertState fromString(String value) { + SecurityAlertState[] items = SecurityAlertState.values(); + for (SecurityAlertState item : items) { + if (item.toString().equalsIgnoreCase(value)) { + return item; + } + } + return null; + } + + @JsonValue + @Override + public String toString() { + return this.value; + } +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPoliciesInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPoliciesInner.java new file mode 100644 index 00000000000..5596f1f5350 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPoliciesInner.java @@ -0,0 +1,260 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import retrofit2.Retrofit; +import com.google.common.reflect.TypeToken; +import com.microsoft.azure.CloudException; +import com.microsoft.rest.ServiceCallback; +import com.microsoft.rest.ServiceFuture; +import com.microsoft.rest.ServiceResponse; +import com.microsoft.rest.Validator; +import java.io.IOException; +import okhttp3.ResponseBody; +import retrofit2.http.Body; +import retrofit2.http.GET; +import retrofit2.http.Header; +import retrofit2.http.Headers; +import retrofit2.http.Path; +import retrofit2.http.PUT; +import retrofit2.http.Query; +import retrofit2.Response; +import rx.functions.Func1; +import rx.Observable; + +/** + * An instance of this class provides access to all the operations defined + * in ExtendedDatabaseBlobAuditingPolicies. + */ +public class ExtendedDatabaseBlobAuditingPoliciesInner { + /** The Retrofit service to perform REST calls. */ + private ExtendedDatabaseBlobAuditingPoliciesService service; + /** The service client containing this operation class. */ + private SqlManagementClientImpl client; + + /** + * Initializes an instance of ExtendedDatabaseBlobAuditingPoliciesInner. + * + * @param retrofit the Retrofit instance built from a Retrofit Builder. + * @param client the instance of the service client containing this operation class. + */ + public ExtendedDatabaseBlobAuditingPoliciesInner(Retrofit retrofit, SqlManagementClientImpl client) { + this.service = retrofit.create(ExtendedDatabaseBlobAuditingPoliciesService.class); + this.client = client; + } + + /** + * The interface defining all the services for ExtendedDatabaseBlobAuditingPolicies to be + * used by Retrofit to perform actually REST calls. + */ + interface ExtendedDatabaseBlobAuditingPoliciesService { + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ExtendedDatabaseBlobAuditingPolicies get" }) + @GET("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/extendedAuditingSettings/{blobAuditingPolicyName}") + Observable> get(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("databaseName") String databaseName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ExtendedDatabaseBlobAuditingPolicies createOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/extendedAuditingSettings/{blobAuditingPolicyName}") + Observable> createOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("databaseName") String databaseName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Body ExtendedDatabaseBlobAuditingPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + } + + /** + * Gets an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ExtendedDatabaseBlobAuditingPolicyInner object if successful. + */ + public ExtendedDatabaseBlobAuditingPolicyInner get(String resourceGroupName, String serverName, String databaseName) { + return getWithServiceResponseAsync(resourceGroupName, serverName, databaseName).toBlocking().single().body(); + } + + /** + * Gets an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture getAsync(String resourceGroupName, String serverName, String databaseName, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(getWithServiceResponseAsync(resourceGroupName, serverName, databaseName), serviceCallback); + } + + /** + * Gets an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedDatabaseBlobAuditingPolicyInner object + */ + public Observable getAsync(String resourceGroupName, String serverName, String databaseName) { + return getWithServiceResponseAsync(resourceGroupName, serverName, databaseName).map(new Func1, ExtendedDatabaseBlobAuditingPolicyInner>() { + @Override + public ExtendedDatabaseBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Gets an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedDatabaseBlobAuditingPolicyInner object + */ + public Observable> getWithServiceResponseAsync(String resourceGroupName, String serverName, String databaseName) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (databaseName == null) { + throw new IllegalArgumentException("Parameter databaseName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.get(resourceGroupName, serverName, databaseName, blobAuditingPolicyName, this.client.subscriptionId(), apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = getDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse getDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + + /** + * Creates or updates an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @param parameters The extended database blob auditing policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ExtendedDatabaseBlobAuditingPolicyInner object if successful. + */ + public ExtendedDatabaseBlobAuditingPolicyInner createOrUpdate(String resourceGroupName, String serverName, String databaseName, ExtendedDatabaseBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, databaseName, parameters).toBlocking().single().body(); + } + + /** + * Creates or updates an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @param parameters The extended database blob auditing policy. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture createOrUpdateAsync(String resourceGroupName, String serverName, String databaseName, ExtendedDatabaseBlobAuditingPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, databaseName, parameters), serviceCallback); + } + + /** + * Creates or updates an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @param parameters The extended database blob auditing policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedDatabaseBlobAuditingPolicyInner object + */ + public Observable createOrUpdateAsync(String resourceGroupName, String serverName, String databaseName, ExtendedDatabaseBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, databaseName, parameters).map(new Func1, ExtendedDatabaseBlobAuditingPolicyInner>() { + @Override + public ExtendedDatabaseBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates an extended database's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param databaseName The name of the database. + * @param parameters The extended database blob auditing policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedDatabaseBlobAuditingPolicyInner object + */ + public Observable> createOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, String databaseName, ExtendedDatabaseBlobAuditingPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (databaseName == null) { + throw new IllegalArgumentException("Parameter databaseName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.createOrUpdate(resourceGroupName, serverName, databaseName, blobAuditingPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = createOrUpdateDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse createOrUpdateDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .register(201, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPolicyInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPolicyInner.java new file mode 100644 index 00000000000..35b9b15f739 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedDatabaseBlobAuditingPolicyInner.java @@ -0,0 +1,394 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import com.microsoft.azure.management.sql.BlobAuditingPolicyState; +import java.util.List; +import java.util.UUID; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.microsoft.rest.serializer.JsonFlatten; + +/** + * An extended database blob auditing policy. + */ +@JsonFlatten +public class ExtendedDatabaseBlobAuditingPolicyInner extends ProxyResourceInner { + /** + * Specifies condition of where clause when creating an audit. + */ + @JsonProperty(value = "properties.predicateExpression") + private String predicateExpression; + + /** + * Specifies the state of the policy. If state is Enabled, storageEndpoint + * and storageAccountAccessKey are required. Possible values include: + * 'Enabled', 'Disabled'. + */ + @JsonProperty(value = "properties.state", required = true) + private BlobAuditingPolicyState state; + + /** + * Specifies the blob storage endpoint (e.g. + * https://MyAccount.blob.core.windows.net). If state is Enabled, + * storageEndpoint is required. + */ + @JsonProperty(value = "properties.storageEndpoint") + private String storageEndpoint; + + /** + * Specifies the identifier key of the auditing storage account. If state + * is Enabled, storageAccountAccessKey is required. + */ + @JsonProperty(value = "properties.storageAccountAccessKey") + private String storageAccountAccessKey; + + /** + * Specifies the number of days to keep in the audit logs. + */ + @JsonProperty(value = "properties.retentionDays") + private Integer retentionDays; + + /** + * Specifies the Actions-Groups and Actions to audit. + * + * The recommended set of action groups to use is the following combination + * - this will audit all the queries and stored procedures executed against + * the database, as well as successful and failed logins: + * + * BATCH_COMPLETED_GROUP, + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + * FAILED_DATABASE_AUTHENTICATION_GROUP. + * + * This above combination is also the set that is configured by default + * when enabling auditing from the Azure portal. + * + * The supported action groups to audit are (note: choose only specific + * groups that cover your auditing needs. Using unnecessary groups could + * lead to very large quantities of audit records): + * + * APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + * BACKUP_RESTORE_GROUP + * DATABASE_LOGOUT_GROUP + * DATABASE_OBJECT_CHANGE_GROUP + * DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + * DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + * DATABASE_OPERATION_GROUP + * DATABASE_PERMISSION_CHANGE_GROUP + * DATABASE_PRINCIPAL_CHANGE_GROUP + * DATABASE_PRINCIPAL_IMPERSONATION_GROUP + * DATABASE_ROLE_MEMBER_CHANGE_GROUP + * FAILED_DATABASE_AUTHENTICATION_GROUP + * SCHEMA_OBJECT_ACCESS_GROUP + * SCHEMA_OBJECT_CHANGE_GROUP + * SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + * SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + * USER_CHANGE_PASSWORD_GROUP + * BATCH_STARTED_GROUP + * BATCH_COMPLETED_GROUP + * + * These are groups that cover all sql statements and stored procedures + * executed against the database, and should not be used in combination + * with other groups as this will result in duplicate audit logs. + * + * For more information, see [Database-Level Audit Action + * Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + * + * For Database auditing policy, specific Actions can also be specified + * (note that Actions cannot be specified for Server auditing policy). The + * supported actions to audit are: + * SELECT + * UPDATE + * INSERT + * DELETE + * EXECUTE + * RECEIVE + * REFERENCES + * + * The general form for defining an action to be audited is: + * <action> ON <object> BY <principal> + * + * Note that <object> in the above format can refer to an object like + * a table, view, or stored procedure, or an entire database or schema. For + * the latter cases, the forms DATABASE::<db_name> and + * SCHEMA::<schema_name> are used, respectively. + * + * For example: + * SELECT on dbo.myTable by public + * SELECT on DATABASE::myDatabase by public + * SELECT on SCHEMA::mySchema by public + * + * For more information, see [Database-Level Audit + * Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + */ + @JsonProperty(value = "properties.auditActionsAndGroups") + private List auditActionsAndGroups; + + /** + * Specifies the blob storage subscription Id. + */ + @JsonProperty(value = "properties.storageAccountSubscriptionId") + private UUID storageAccountSubscriptionId; + + /** + * Specifies whether storageAccountAccessKey value is the storage's + * secondary key. + */ + @JsonProperty(value = "properties.isStorageSecondaryKeyInUse") + private Boolean isStorageSecondaryKeyInUse; + + /** + * Get specifies condition of where clause when creating an audit. + * + * @return the predicateExpression value + */ + public String predicateExpression() { + return this.predicateExpression; + } + + /** + * Set specifies condition of where clause when creating an audit. + * + * @param predicateExpression the predicateExpression value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withPredicateExpression(String predicateExpression) { + this.predicateExpression = predicateExpression; + return this; + } + + /** + * Get specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @return the state value + */ + public BlobAuditingPolicyState state() { + return this.state; + } + + /** + * Set specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @param state the state value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withState(BlobAuditingPolicyState state) { + this.state = state; + return this; + } + + /** + * Get specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @return the storageEndpoint value + */ + public String storageEndpoint() { + return this.storageEndpoint; + } + + /** + * Set specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @param storageEndpoint the storageEndpoint value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withStorageEndpoint(String storageEndpoint) { + this.storageEndpoint = storageEndpoint; + return this; + } + + /** + * Get specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @return the storageAccountAccessKey value + */ + public String storageAccountAccessKey() { + return this.storageAccountAccessKey; + } + + /** + * Set specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @param storageAccountAccessKey the storageAccountAccessKey value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withStorageAccountAccessKey(String storageAccountAccessKey) { + this.storageAccountAccessKey = storageAccountAccessKey; + return this; + } + + /** + * Get specifies the number of days to keep in the audit logs. + * + * @return the retentionDays value + */ + public Integer retentionDays() { + return this.retentionDays; + } + + /** + * Set specifies the number of days to keep in the audit logs. + * + * @param retentionDays the retentionDays value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withRetentionDays(Integer retentionDays) { + this.retentionDays = retentionDays; + return this; + } + + /** + * Get specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @return the auditActionsAndGroups value + */ + public List auditActionsAndGroups() { + return this.auditActionsAndGroups; + } + + /** + * Set specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @param auditActionsAndGroups the auditActionsAndGroups value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withAuditActionsAndGroups(List auditActionsAndGroups) { + this.auditActionsAndGroups = auditActionsAndGroups; + return this; + } + + /** + * Get specifies the blob storage subscription Id. + * + * @return the storageAccountSubscriptionId value + */ + public UUID storageAccountSubscriptionId() { + return this.storageAccountSubscriptionId; + } + + /** + * Set specifies the blob storage subscription Id. + * + * @param storageAccountSubscriptionId the storageAccountSubscriptionId value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withStorageAccountSubscriptionId(UUID storageAccountSubscriptionId) { + this.storageAccountSubscriptionId = storageAccountSubscriptionId; + return this; + } + + /** + * Get specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @return the isStorageSecondaryKeyInUse value + */ + public Boolean isStorageSecondaryKeyInUse() { + return this.isStorageSecondaryKeyInUse; + } + + /** + * Set specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @param isStorageSecondaryKeyInUse the isStorageSecondaryKeyInUse value to set + * @return the ExtendedDatabaseBlobAuditingPolicyInner object itself. + */ + public ExtendedDatabaseBlobAuditingPolicyInner withIsStorageSecondaryKeyInUse(Boolean isStorageSecondaryKeyInUse) { + this.isStorageSecondaryKeyInUse = isStorageSecondaryKeyInUse; + return this; + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPoliciesInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPoliciesInner.java new file mode 100644 index 00000000000..6ca32af2d04 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPoliciesInner.java @@ -0,0 +1,326 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import retrofit2.Retrofit; +import com.google.common.reflect.TypeToken; +import com.microsoft.azure.CloudException; +import com.microsoft.rest.ServiceCallback; +import com.microsoft.rest.ServiceFuture; +import com.microsoft.rest.ServiceResponse; +import com.microsoft.rest.Validator; +import java.io.IOException; +import okhttp3.ResponseBody; +import retrofit2.http.Body; +import retrofit2.http.GET; +import retrofit2.http.Header; +import retrofit2.http.Headers; +import retrofit2.http.Path; +import retrofit2.http.PUT; +import retrofit2.http.Query; +import retrofit2.Response; +import rx.functions.Func1; +import rx.Observable; + +/** + * An instance of this class provides access to all the operations defined + * in ExtendedServerBlobAuditingPolicies. + */ +public class ExtendedServerBlobAuditingPoliciesInner { + /** The Retrofit service to perform REST calls. */ + private ExtendedServerBlobAuditingPoliciesService service; + /** The service client containing this operation class. */ + private SqlManagementClientImpl client; + + /** + * Initializes an instance of ExtendedServerBlobAuditingPoliciesInner. + * + * @param retrofit the Retrofit instance built from a Retrofit Builder. + * @param client the instance of the service client containing this operation class. + */ + public ExtendedServerBlobAuditingPoliciesInner(Retrofit retrofit, SqlManagementClientImpl client) { + this.service = retrofit.create(ExtendedServerBlobAuditingPoliciesService.class); + this.client = client; + } + + /** + * The interface defining all the services for ExtendedServerBlobAuditingPolicies to be + * used by Retrofit to perform actually REST calls. + */ + interface ExtendedServerBlobAuditingPoliciesService { + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ExtendedServerBlobAuditingPolicies get" }) + @GET("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/extendedAuditingSettings/{blobAuditingPolicyName}") + Observable> get(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ExtendedServerBlobAuditingPolicies createOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/extendedAuditingSettings/{blobAuditingPolicyName}") + Observable> createOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Body ExtendedServerBlobAuditingPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ExtendedServerBlobAuditingPolicies beginCreateOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/extendedAuditingSettings/{blobAuditingPolicyName}") + Observable> beginCreateOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Body ExtendedServerBlobAuditingPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + } + + /** + * Gets an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ExtendedServerBlobAuditingPolicyInner object if successful. + */ + public ExtendedServerBlobAuditingPolicyInner get(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).toBlocking().single().body(); + } + + /** + * Gets an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture getAsync(String resourceGroupName, String serverName, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(getWithServiceResponseAsync(resourceGroupName, serverName), serviceCallback); + } + + /** + * Gets an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedServerBlobAuditingPolicyInner object + */ + public Observable getAsync(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).map(new Func1, ExtendedServerBlobAuditingPolicyInner>() { + @Override + public ExtendedServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Gets an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedServerBlobAuditingPolicyInner object + */ + public Observable> getWithServiceResponseAsync(String resourceGroupName, String serverName) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.get(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = getDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse getDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ExtendedServerBlobAuditingPolicyInner object if successful. + */ + public ExtendedServerBlobAuditingPolicyInner createOrUpdate(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().last().body(); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture createOrUpdateAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable createOrUpdateAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ExtendedServerBlobAuditingPolicyInner>() { + @Override + public ExtendedServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable> createOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + Observable> observable = service.createOrUpdate(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()); + return client.getAzureClient().getPutOrPatchResultAsync(observable, new TypeToken() { }.getType()); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ExtendedServerBlobAuditingPolicyInner object if successful. + */ + public ExtendedServerBlobAuditingPolicyInner beginCreateOrUpdate(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().single().body(); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedServerBlobAuditingPolicyInner object + */ + public Observable beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ExtendedServerBlobAuditingPolicyInner>() { + @Override + public ExtendedServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates an extended server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of extended blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ExtendedServerBlobAuditingPolicyInner object + */ + public Observable> beginCreateOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ExtendedServerBlobAuditingPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.beginCreateOrUpdate(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = beginCreateOrUpdateDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse beginCreateOrUpdateDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .register(202, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPolicyInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPolicyInner.java new file mode 100644 index 00000000000..baf93089981 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ExtendedServerBlobAuditingPolicyInner.java @@ -0,0 +1,394 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import com.microsoft.azure.management.sql.BlobAuditingPolicyState; +import java.util.List; +import java.util.UUID; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.microsoft.rest.serializer.JsonFlatten; + +/** + * An extended server blob auditing policy. + */ +@JsonFlatten +public class ExtendedServerBlobAuditingPolicyInner extends ProxyResourceInner { + /** + * Specifies condition of where clause when creating an audit. + */ + @JsonProperty(value = "properties.predicateExpression") + private String predicateExpression; + + /** + * Specifies the state of the policy. If state is Enabled, storageEndpoint + * and storageAccountAccessKey are required. Possible values include: + * 'Enabled', 'Disabled'. + */ + @JsonProperty(value = "properties.state", required = true) + private BlobAuditingPolicyState state; + + /** + * Specifies the blob storage endpoint (e.g. + * https://MyAccount.blob.core.windows.net). If state is Enabled, + * storageEndpoint is required. + */ + @JsonProperty(value = "properties.storageEndpoint") + private String storageEndpoint; + + /** + * Specifies the identifier key of the auditing storage account. If state + * is Enabled, storageAccountAccessKey is required. + */ + @JsonProperty(value = "properties.storageAccountAccessKey") + private String storageAccountAccessKey; + + /** + * Specifies the number of days to keep in the audit logs. + */ + @JsonProperty(value = "properties.retentionDays") + private Integer retentionDays; + + /** + * Specifies the Actions-Groups and Actions to audit. + * + * The recommended set of action groups to use is the following combination + * - this will audit all the queries and stored procedures executed against + * the database, as well as successful and failed logins: + * + * BATCH_COMPLETED_GROUP, + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + * FAILED_DATABASE_AUTHENTICATION_GROUP. + * + * This above combination is also the set that is configured by default + * when enabling auditing from the Azure portal. + * + * The supported action groups to audit are (note: choose only specific + * groups that cover your auditing needs. Using unnecessary groups could + * lead to very large quantities of audit records): + * + * APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + * BACKUP_RESTORE_GROUP + * DATABASE_LOGOUT_GROUP + * DATABASE_OBJECT_CHANGE_GROUP + * DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + * DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + * DATABASE_OPERATION_GROUP + * DATABASE_PERMISSION_CHANGE_GROUP + * DATABASE_PRINCIPAL_CHANGE_GROUP + * DATABASE_PRINCIPAL_IMPERSONATION_GROUP + * DATABASE_ROLE_MEMBER_CHANGE_GROUP + * FAILED_DATABASE_AUTHENTICATION_GROUP + * SCHEMA_OBJECT_ACCESS_GROUP + * SCHEMA_OBJECT_CHANGE_GROUP + * SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + * SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + * USER_CHANGE_PASSWORD_GROUP + * BATCH_STARTED_GROUP + * BATCH_COMPLETED_GROUP + * + * These are groups that cover all sql statements and stored procedures + * executed against the database, and should not be used in combination + * with other groups as this will result in duplicate audit logs. + * + * For more information, see [Database-Level Audit Action + * Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + * + * For Database auditing policy, specific Actions can also be specified + * (note that Actions cannot be specified for Server auditing policy). The + * supported actions to audit are: + * SELECT + * UPDATE + * INSERT + * DELETE + * EXECUTE + * RECEIVE + * REFERENCES + * + * The general form for defining an action to be audited is: + * <action> ON <object> BY <principal> + * + * Note that <object> in the above format can refer to an object like + * a table, view, or stored procedure, or an entire database or schema. For + * the latter cases, the forms DATABASE::<db_name> and + * SCHEMA::<schema_name> are used, respectively. + * + * For example: + * SELECT on dbo.myTable by public + * SELECT on DATABASE::myDatabase by public + * SELECT on SCHEMA::mySchema by public + * + * For more information, see [Database-Level Audit + * Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + */ + @JsonProperty(value = "properties.auditActionsAndGroups") + private List auditActionsAndGroups; + + /** + * Specifies the blob storage subscription Id. + */ + @JsonProperty(value = "properties.storageAccountSubscriptionId") + private UUID storageAccountSubscriptionId; + + /** + * Specifies whether storageAccountAccessKey value is the storage's + * secondary key. + */ + @JsonProperty(value = "properties.isStorageSecondaryKeyInUse") + private Boolean isStorageSecondaryKeyInUse; + + /** + * Get specifies condition of where clause when creating an audit. + * + * @return the predicateExpression value + */ + public String predicateExpression() { + return this.predicateExpression; + } + + /** + * Set specifies condition of where clause when creating an audit. + * + * @param predicateExpression the predicateExpression value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withPredicateExpression(String predicateExpression) { + this.predicateExpression = predicateExpression; + return this; + } + + /** + * Get specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @return the state value + */ + public BlobAuditingPolicyState state() { + return this.state; + } + + /** + * Set specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @param state the state value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withState(BlobAuditingPolicyState state) { + this.state = state; + return this; + } + + /** + * Get specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @return the storageEndpoint value + */ + public String storageEndpoint() { + return this.storageEndpoint; + } + + /** + * Set specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @param storageEndpoint the storageEndpoint value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withStorageEndpoint(String storageEndpoint) { + this.storageEndpoint = storageEndpoint; + return this; + } + + /** + * Get specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @return the storageAccountAccessKey value + */ + public String storageAccountAccessKey() { + return this.storageAccountAccessKey; + } + + /** + * Set specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @param storageAccountAccessKey the storageAccountAccessKey value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withStorageAccountAccessKey(String storageAccountAccessKey) { + this.storageAccountAccessKey = storageAccountAccessKey; + return this; + } + + /** + * Get specifies the number of days to keep in the audit logs. + * + * @return the retentionDays value + */ + public Integer retentionDays() { + return this.retentionDays; + } + + /** + * Set specifies the number of days to keep in the audit logs. + * + * @param retentionDays the retentionDays value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withRetentionDays(Integer retentionDays) { + this.retentionDays = retentionDays; + return this; + } + + /** + * Get specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @return the auditActionsAndGroups value + */ + public List auditActionsAndGroups() { + return this.auditActionsAndGroups; + } + + /** + * Set specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @param auditActionsAndGroups the auditActionsAndGroups value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withAuditActionsAndGroups(List auditActionsAndGroups) { + this.auditActionsAndGroups = auditActionsAndGroups; + return this; + } + + /** + * Get specifies the blob storage subscription Id. + * + * @return the storageAccountSubscriptionId value + */ + public UUID storageAccountSubscriptionId() { + return this.storageAccountSubscriptionId; + } + + /** + * Set specifies the blob storage subscription Id. + * + * @param storageAccountSubscriptionId the storageAccountSubscriptionId value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withStorageAccountSubscriptionId(UUID storageAccountSubscriptionId) { + this.storageAccountSubscriptionId = storageAccountSubscriptionId; + return this; + } + + /** + * Get specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @return the isStorageSecondaryKeyInUse value + */ + public Boolean isStorageSecondaryKeyInUse() { + return this.isStorageSecondaryKeyInUse; + } + + /** + * Set specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @param isStorageSecondaryKeyInUse the isStorageSecondaryKeyInUse value to set + * @return the ExtendedServerBlobAuditingPolicyInner object itself. + */ + public ExtendedServerBlobAuditingPolicyInner withIsStorageSecondaryKeyInUse(Boolean isStorageSecondaryKeyInUse) { + this.isStorageSecondaryKeyInUse = isStorageSecondaryKeyInUse; + return this; + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPoliciesInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPoliciesInner.java new file mode 100644 index 00000000000..3019092c076 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPoliciesInner.java @@ -0,0 +1,326 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import retrofit2.Retrofit; +import com.google.common.reflect.TypeToken; +import com.microsoft.azure.CloudException; +import com.microsoft.rest.ServiceCallback; +import com.microsoft.rest.ServiceFuture; +import com.microsoft.rest.ServiceResponse; +import com.microsoft.rest.Validator; +import java.io.IOException; +import okhttp3.ResponseBody; +import retrofit2.http.Body; +import retrofit2.http.GET; +import retrofit2.http.Header; +import retrofit2.http.Headers; +import retrofit2.http.Path; +import retrofit2.http.PUT; +import retrofit2.http.Query; +import retrofit2.Response; +import rx.functions.Func1; +import rx.Observable; + +/** + * An instance of this class provides access to all the operations defined + * in ServerBlobAuditingPolicies. + */ +public class ServerBlobAuditingPoliciesInner { + /** The Retrofit service to perform REST calls. */ + private ServerBlobAuditingPoliciesService service; + /** The service client containing this operation class. */ + private SqlManagementClientImpl client; + + /** + * Initializes an instance of ServerBlobAuditingPoliciesInner. + * + * @param retrofit the Retrofit instance built from a Retrofit Builder. + * @param client the instance of the service client containing this operation class. + */ + public ServerBlobAuditingPoliciesInner(Retrofit retrofit, SqlManagementClientImpl client) { + this.service = retrofit.create(ServerBlobAuditingPoliciesService.class); + this.client = client; + } + + /** + * The interface defining all the services for ServerBlobAuditingPolicies to be + * used by Retrofit to perform actually REST calls. + */ + interface ServerBlobAuditingPoliciesService { + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerBlobAuditingPolicies get" }) + @GET("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/auditingSettings/{blobAuditingPolicyName}") + Observable> get(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerBlobAuditingPolicies createOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/auditingSettings/{blobAuditingPolicyName}") + Observable> createOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Body ServerBlobAuditingPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerBlobAuditingPolicies beginCreateOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/auditingSettings/{blobAuditingPolicyName}") + Observable> beginCreateOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("blobAuditingPolicyName") String blobAuditingPolicyName, @Path("subscriptionId") String subscriptionId, @Body ServerBlobAuditingPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + } + + /** + * Gets a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerBlobAuditingPolicyInner object if successful. + */ + public ServerBlobAuditingPolicyInner get(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).toBlocking().single().body(); + } + + /** + * Gets a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture getAsync(String resourceGroupName, String serverName, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(getWithServiceResponseAsync(resourceGroupName, serverName), serviceCallback); + } + + /** + * Gets a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerBlobAuditingPolicyInner object + */ + public Observable getAsync(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).map(new Func1, ServerBlobAuditingPolicyInner>() { + @Override + public ServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Gets a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerBlobAuditingPolicyInner object + */ + public Observable> getWithServiceResponseAsync(String resourceGroupName, String serverName) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.get(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = getDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse getDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerBlobAuditingPolicyInner object if successful. + */ + public ServerBlobAuditingPolicyInner createOrUpdate(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().last().body(); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture createOrUpdateAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable createOrUpdateAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ServerBlobAuditingPolicyInner>() { + @Override + public ServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable> createOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + Observable> observable = service.createOrUpdate(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()); + return client.getAzureClient().getPutOrPatchResultAsync(observable, new TypeToken() { }.getType()); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerBlobAuditingPolicyInner object if successful. + */ + public ServerBlobAuditingPolicyInner beginCreateOrUpdate(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().single().body(); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerBlobAuditingPolicyInner object + */ + public Observable beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ServerBlobAuditingPolicyInner>() { + @Override + public ServerBlobAuditingPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates a server's blob auditing policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters Properties of blob auditing policy + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerBlobAuditingPolicyInner object + */ + public Observable> beginCreateOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ServerBlobAuditingPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String blobAuditingPolicyName = "default"; + final String apiVersion = "2017-03-01-preview"; + return service.beginCreateOrUpdate(resourceGroupName, serverName, blobAuditingPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = beginCreateOrUpdateDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse beginCreateOrUpdateDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .register(202, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPolicyInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPolicyInner.java new file mode 100644 index 00000000000..056a99e0b38 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerBlobAuditingPolicyInner.java @@ -0,0 +1,368 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import com.microsoft.azure.management.sql.BlobAuditingPolicyState; +import java.util.List; +import java.util.UUID; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.microsoft.rest.serializer.JsonFlatten; + +/** + * A server blob auditing policy. + */ +@JsonFlatten +public class ServerBlobAuditingPolicyInner extends ProxyResourceInner { + /** + * Specifies the state of the policy. If state is Enabled, storageEndpoint + * and storageAccountAccessKey are required. Possible values include: + * 'Enabled', 'Disabled'. + */ + @JsonProperty(value = "properties.state", required = true) + private BlobAuditingPolicyState state; + + /** + * Specifies the blob storage endpoint (e.g. + * https://MyAccount.blob.core.windows.net). If state is Enabled, + * storageEndpoint is required. + */ + @JsonProperty(value = "properties.storageEndpoint") + private String storageEndpoint; + + /** + * Specifies the identifier key of the auditing storage account. If state + * is Enabled, storageAccountAccessKey is required. + */ + @JsonProperty(value = "properties.storageAccountAccessKey") + private String storageAccountAccessKey; + + /** + * Specifies the number of days to keep in the audit logs. + */ + @JsonProperty(value = "properties.retentionDays") + private Integer retentionDays; + + /** + * Specifies the Actions-Groups and Actions to audit. + * + * The recommended set of action groups to use is the following combination + * - this will audit all the queries and stored procedures executed against + * the database, as well as successful and failed logins: + * + * BATCH_COMPLETED_GROUP, + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + * FAILED_DATABASE_AUTHENTICATION_GROUP. + * + * This above combination is also the set that is configured by default + * when enabling auditing from the Azure portal. + * + * The supported action groups to audit are (note: choose only specific + * groups that cover your auditing needs. Using unnecessary groups could + * lead to very large quantities of audit records): + * + * APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + * BACKUP_RESTORE_GROUP + * DATABASE_LOGOUT_GROUP + * DATABASE_OBJECT_CHANGE_GROUP + * DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + * DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + * DATABASE_OPERATION_GROUP + * DATABASE_PERMISSION_CHANGE_GROUP + * DATABASE_PRINCIPAL_CHANGE_GROUP + * DATABASE_PRINCIPAL_IMPERSONATION_GROUP + * DATABASE_ROLE_MEMBER_CHANGE_GROUP + * FAILED_DATABASE_AUTHENTICATION_GROUP + * SCHEMA_OBJECT_ACCESS_GROUP + * SCHEMA_OBJECT_CHANGE_GROUP + * SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + * SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + * USER_CHANGE_PASSWORD_GROUP + * BATCH_STARTED_GROUP + * BATCH_COMPLETED_GROUP + * + * These are groups that cover all sql statements and stored procedures + * executed against the database, and should not be used in combination + * with other groups as this will result in duplicate audit logs. + * + * For more information, see [Database-Level Audit Action + * Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + * + * For Database auditing policy, specific Actions can also be specified + * (note that Actions cannot be specified for Server auditing policy). The + * supported actions to audit are: + * SELECT + * UPDATE + * INSERT + * DELETE + * EXECUTE + * RECEIVE + * REFERENCES + * + * The general form for defining an action to be audited is: + * <action> ON <object> BY <principal> + * + * Note that <object> in the above format can refer to an object like + * a table, view, or stored procedure, or an entire database or schema. For + * the latter cases, the forms DATABASE::<db_name> and + * SCHEMA::<schema_name> are used, respectively. + * + * For example: + * SELECT on dbo.myTable by public + * SELECT on DATABASE::myDatabase by public + * SELECT on SCHEMA::mySchema by public + * + * For more information, see [Database-Level Audit + * Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + */ + @JsonProperty(value = "properties.auditActionsAndGroups") + private List auditActionsAndGroups; + + /** + * Specifies the blob storage subscription Id. + */ + @JsonProperty(value = "properties.storageAccountSubscriptionId") + private UUID storageAccountSubscriptionId; + + /** + * Specifies whether storageAccountAccessKey value is the storage's + * secondary key. + */ + @JsonProperty(value = "properties.isStorageSecondaryKeyInUse") + private Boolean isStorageSecondaryKeyInUse; + + /** + * Get specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @return the state value + */ + public BlobAuditingPolicyState state() { + return this.state; + } + + /** + * Set specifies the state of the policy. If state is Enabled, storageEndpoint and storageAccountAccessKey are required. Possible values include: 'Enabled', 'Disabled'. + * + * @param state the state value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withState(BlobAuditingPolicyState state) { + this.state = state; + return this; + } + + /** + * Get specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @return the storageEndpoint value + */ + public String storageEndpoint() { + return this.storageEndpoint; + } + + /** + * Set specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required. + * + * @param storageEndpoint the storageEndpoint value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withStorageEndpoint(String storageEndpoint) { + this.storageEndpoint = storageEndpoint; + return this; + } + + /** + * Get specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @return the storageAccountAccessKey value + */ + public String storageAccountAccessKey() { + return this.storageAccountAccessKey; + } + + /** + * Set specifies the identifier key of the auditing storage account. If state is Enabled, storageAccountAccessKey is required. + * + * @param storageAccountAccessKey the storageAccountAccessKey value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withStorageAccountAccessKey(String storageAccountAccessKey) { + this.storageAccountAccessKey = storageAccountAccessKey; + return this; + } + + /** + * Get specifies the number of days to keep in the audit logs. + * + * @return the retentionDays value + */ + public Integer retentionDays() { + return this.retentionDays; + } + + /** + * Set specifies the number of days to keep in the audit logs. + * + * @param retentionDays the retentionDays value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withRetentionDays(Integer retentionDays) { + this.retentionDays = retentionDays; + return this; + } + + /** + * Get specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @return the auditActionsAndGroups value + */ + public List auditActionsAndGroups() { + return this.auditActionsAndGroups; + } + + /** + * Set specifies the Actions-Groups and Actions to audit. + The recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins: + BATCH_COMPLETED_GROUP, + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP, + FAILED_DATABASE_AUTHENTICATION_GROUP. + This above combination is also the set that is configured by default when enabling auditing from the Azure portal. + The supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records): + APPLICATION_ROLE_CHANGE_PASSWORD_GROUP + BACKUP_RESTORE_GROUP + DATABASE_LOGOUT_GROUP + DATABASE_OBJECT_CHANGE_GROUP + DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP + DATABASE_OBJECT_PERMISSION_CHANGE_GROUP + DATABASE_OPERATION_GROUP + DATABASE_PERMISSION_CHANGE_GROUP + DATABASE_PRINCIPAL_CHANGE_GROUP + DATABASE_PRINCIPAL_IMPERSONATION_GROUP + DATABASE_ROLE_MEMBER_CHANGE_GROUP + FAILED_DATABASE_AUTHENTICATION_GROUP + SCHEMA_OBJECT_ACCESS_GROUP + SCHEMA_OBJECT_CHANGE_GROUP + SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP + SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP + SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP + USER_CHANGE_PASSWORD_GROUP + BATCH_STARTED_GROUP + BATCH_COMPLETED_GROUP + These are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs. + For more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups). + For Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are: + SELECT + UPDATE + INSERT + DELETE + EXECUTE + RECEIVE + REFERENCES + The general form for defining an action to be audited is: + <action> ON <object> BY <principal> + Note that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are used, respectively. + For example: + SELECT on dbo.myTable by public + SELECT on DATABASE::myDatabase by public + SELECT on SCHEMA::mySchema by public + For more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions). + * + * @param auditActionsAndGroups the auditActionsAndGroups value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withAuditActionsAndGroups(List auditActionsAndGroups) { + this.auditActionsAndGroups = auditActionsAndGroups; + return this; + } + + /** + * Get specifies the blob storage subscription Id. + * + * @return the storageAccountSubscriptionId value + */ + public UUID storageAccountSubscriptionId() { + return this.storageAccountSubscriptionId; + } + + /** + * Set specifies the blob storage subscription Id. + * + * @param storageAccountSubscriptionId the storageAccountSubscriptionId value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withStorageAccountSubscriptionId(UUID storageAccountSubscriptionId) { + this.storageAccountSubscriptionId = storageAccountSubscriptionId; + return this; + } + + /** + * Get specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @return the isStorageSecondaryKeyInUse value + */ + public Boolean isStorageSecondaryKeyInUse() { + return this.isStorageSecondaryKeyInUse; + } + + /** + * Set specifies whether storageAccountAccessKey value is the storage's secondary key. + * + * @param isStorageSecondaryKeyInUse the isStorageSecondaryKeyInUse value to set + * @return the ServerBlobAuditingPolicyInner object itself. + */ + public ServerBlobAuditingPolicyInner withIsStorageSecondaryKeyInUse(Boolean isStorageSecondaryKeyInUse) { + this.isStorageSecondaryKeyInUse = isStorageSecondaryKeyInUse; + return this; + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPoliciesInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPoliciesInner.java new file mode 100644 index 00000000000..a7cffc88c1e --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPoliciesInner.java @@ -0,0 +1,326 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import retrofit2.Retrofit; +import com.google.common.reflect.TypeToken; +import com.microsoft.azure.CloudException; +import com.microsoft.rest.ServiceCallback; +import com.microsoft.rest.ServiceFuture; +import com.microsoft.rest.ServiceResponse; +import com.microsoft.rest.Validator; +import java.io.IOException; +import okhttp3.ResponseBody; +import retrofit2.http.Body; +import retrofit2.http.GET; +import retrofit2.http.Header; +import retrofit2.http.Headers; +import retrofit2.http.Path; +import retrofit2.http.PUT; +import retrofit2.http.Query; +import retrofit2.Response; +import rx.functions.Func1; +import rx.Observable; + +/** + * An instance of this class provides access to all the operations defined + * in ServerSecurityAlertPolicies. + */ +public class ServerSecurityAlertPoliciesInner { + /** The Retrofit service to perform REST calls. */ + private ServerSecurityAlertPoliciesService service; + /** The service client containing this operation class. */ + private SqlManagementClientImpl client; + + /** + * Initializes an instance of ServerSecurityAlertPoliciesInner. + * + * @param retrofit the Retrofit instance built from a Retrofit Builder. + * @param client the instance of the service client containing this operation class. + */ + public ServerSecurityAlertPoliciesInner(Retrofit retrofit, SqlManagementClientImpl client) { + this.service = retrofit.create(ServerSecurityAlertPoliciesService.class); + this.client = client; + } + + /** + * The interface defining all the services for ServerSecurityAlertPolicies to be + * used by Retrofit to perform actually REST calls. + */ + interface ServerSecurityAlertPoliciesService { + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerSecurityAlertPolicies get" }) + @GET("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}") + Observable> get(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("securityAlertPolicyName") String securityAlertPolicyName, @Path("subscriptionId") String subscriptionId, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerSecurityAlertPolicies createOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}") + Observable> createOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("securityAlertPolicyName") String securityAlertPolicyName, @Path("subscriptionId") String subscriptionId, @Body ServerSecurityAlertPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + @Headers({ "Content-Type: application/json; charset=utf-8", "x-ms-logging-context: com.microsoft.azure.management.sql.ServerSecurityAlertPolicies beginCreateOrUpdate" }) + @PUT("subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}") + Observable> beginCreateOrUpdate(@Path("resourceGroupName") String resourceGroupName, @Path("serverName") String serverName, @Path("securityAlertPolicyName") String securityAlertPolicyName, @Path("subscriptionId") String subscriptionId, @Body ServerSecurityAlertPolicyInner parameters, @Query("api-version") String apiVersion, @Header("accept-language") String acceptLanguage, @Header("User-Agent") String userAgent); + + } + + /** + * Get a server's security alert policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerSecurityAlertPolicyInner object if successful. + */ + public ServerSecurityAlertPolicyInner get(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).toBlocking().single().body(); + } + + /** + * Get a server's security alert policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture getAsync(String resourceGroupName, String serverName, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(getWithServiceResponseAsync(resourceGroupName, serverName), serviceCallback); + } + + /** + * Get a server's security alert policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerSecurityAlertPolicyInner object + */ + public Observable getAsync(String resourceGroupName, String serverName) { + return getWithServiceResponseAsync(resourceGroupName, serverName).map(new Func1, ServerSecurityAlertPolicyInner>() { + @Override + public ServerSecurityAlertPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Get a server's security alert policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerSecurityAlertPolicyInner object + */ + public Observable> getWithServiceResponseAsync(String resourceGroupName, String serverName) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + final String securityAlertPolicyName = "Default"; + final String apiVersion = "2017-03-01-preview"; + return service.get(resourceGroupName, serverName, securityAlertPolicyName, this.client.subscriptionId(), apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = getDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse getDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerSecurityAlertPolicyInner object if successful. + */ + public ServerSecurityAlertPolicyInner createOrUpdate(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().last().body(); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture createOrUpdateAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable createOrUpdateAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + return createOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ServerSecurityAlertPolicyInner>() { + @Override + public ServerSecurityAlertPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable for the request + */ + public Observable> createOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String securityAlertPolicyName = "Default"; + final String apiVersion = "2017-03-01-preview"; + Observable> observable = service.createOrUpdate(resourceGroupName, serverName, securityAlertPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()); + return client.getAzureClient().getPutOrPatchResultAsync(observable, new TypeToken() { }.getType()); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @throws CloudException thrown if the request is rejected by server + * @throws RuntimeException all other wrapped checked exceptions if the request fails to be sent + * @return the ServerSecurityAlertPolicyInner object if successful. + */ + public ServerSecurityAlertPolicyInner beginCreateOrUpdate(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).toBlocking().single().body(); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @param serviceCallback the async ServiceCallback to handle successful and failed responses. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the {@link ServiceFuture} object + */ + public ServiceFuture beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters, final ServiceCallback serviceCallback) { + return ServiceFuture.fromResponse(beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters), serviceCallback); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerSecurityAlertPolicyInner object + */ + public Observable beginCreateOrUpdateAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + return beginCreateOrUpdateWithServiceResponseAsync(resourceGroupName, serverName, parameters).map(new Func1, ServerSecurityAlertPolicyInner>() { + @Override + public ServerSecurityAlertPolicyInner call(ServiceResponse response) { + return response.body(); + } + }); + } + + /** + * Creates or updates a threat detection policy. + * + * @param resourceGroupName The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal. + * @param serverName The name of the server. + * @param parameters The server security alert policy. + * @throws IllegalArgumentException thrown if parameters fail the validation + * @return the observable to the ServerSecurityAlertPolicyInner object + */ + public Observable> beginCreateOrUpdateWithServiceResponseAsync(String resourceGroupName, String serverName, ServerSecurityAlertPolicyInner parameters) { + if (resourceGroupName == null) { + throw new IllegalArgumentException("Parameter resourceGroupName is required and cannot be null."); + } + if (serverName == null) { + throw new IllegalArgumentException("Parameter serverName is required and cannot be null."); + } + if (this.client.subscriptionId() == null) { + throw new IllegalArgumentException("Parameter this.client.subscriptionId() is required and cannot be null."); + } + if (parameters == null) { + throw new IllegalArgumentException("Parameter parameters is required and cannot be null."); + } + Validator.validate(parameters); + final String securityAlertPolicyName = "Default"; + final String apiVersion = "2017-03-01-preview"; + return service.beginCreateOrUpdate(resourceGroupName, serverName, securityAlertPolicyName, this.client.subscriptionId(), parameters, apiVersion, this.client.acceptLanguage(), this.client.userAgent()) + .flatMap(new Func1, Observable>>() { + @Override + public Observable> call(Response response) { + try { + ServiceResponse clientResponse = beginCreateOrUpdateDelegate(response); + return Observable.just(clientResponse); + } catch (Throwable t) { + return Observable.error(t); + } + } + }); + } + + private ServiceResponse beginCreateOrUpdateDelegate(Response response) throws CloudException, IOException, IllegalArgumentException { + return this.client.restClient().responseBuilderFactory().newInstance(this.client.serializerAdapter()) + .register(200, new TypeToken() { }.getType()) + .register(202, new TypeToken() { }.getType()) + .registerError(CloudException.class) + .build(response); + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPolicyInner.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPolicyInner.java new file mode 100644 index 00000000000..8f798e0c300 --- /dev/null +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/ServerSecurityAlertPolicyInner.java @@ -0,0 +1,208 @@ +/** + * Copyright (c) Microsoft Corporation. All rights reserved. + * Licensed under the MIT License. See License.txt in the project root for + * license information. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + */ + +package com.microsoft.azure.management.sql.implementation; + +import com.microsoft.azure.management.sql.SecurityAlertState; +import java.util.List; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.microsoft.rest.serializer.JsonFlatten; + +/** + * A server security alert policy. + */ +@JsonFlatten +public class ServerSecurityAlertPolicyInner extends ProxyResourceInner { + /** + * Specifies the state of the policy, whether it is enabled or disabled. + * Possible values include: 'Enabled', 'Disabled'. + */ + @JsonProperty(value = "properties.state", required = true) + private SecurityAlertState state; + + /** + * Specifies an array of alerts that are disabled. Allowed values are: + * Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly. + */ + @JsonProperty(value = "properties.disabledAlerts") + private List disabledAlerts; + + /** + * Specifies an array of e-mail addresses to which the alert is sent. + */ + @JsonProperty(value = "properties.emailAddresses") + private List emailAddresses; + + /** + * Specifies that the alert is sent to the account administrators. + */ + @JsonProperty(value = "properties.emailAccountAdmins") + private Boolean emailAccountAdmins; + + /** + * Specifies the blob storage endpoint (e.g. + * https://MyAccount.blob.core.windows.net). This blob storage will hold + * all Threat Detection audit logs. + */ + @JsonProperty(value = "properties.storageEndpoint") + private String storageEndpoint; + + /** + * Specifies the identifier key of the Threat Detection audit storage + * account. + */ + @JsonProperty(value = "properties.storageAccountAccessKey") + private String storageAccountAccessKey; + + /** + * Specifies the number of days to keep in the Threat Detection audit logs. + */ + @JsonProperty(value = "properties.retentionDays") + private Integer retentionDays; + + /** + * Get specifies the state of the policy, whether it is enabled or disabled. Possible values include: 'Enabled', 'Disabled'. + * + * @return the state value + */ + public SecurityAlertState state() { + return this.state; + } + + /** + * Set specifies the state of the policy, whether it is enabled or disabled. Possible values include: 'Enabled', 'Disabled'. + * + * @param state the state value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withState(SecurityAlertState state) { + this.state = state; + return this; + } + + /** + * Get specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly. + * + * @return the disabledAlerts value + */ + public List disabledAlerts() { + return this.disabledAlerts; + } + + /** + * Set specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly. + * + * @param disabledAlerts the disabledAlerts value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withDisabledAlerts(List disabledAlerts) { + this.disabledAlerts = disabledAlerts; + return this; + } + + /** + * Get specifies an array of e-mail addresses to which the alert is sent. + * + * @return the emailAddresses value + */ + public List emailAddresses() { + return this.emailAddresses; + } + + /** + * Set specifies an array of e-mail addresses to which the alert is sent. + * + * @param emailAddresses the emailAddresses value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withEmailAddresses(List emailAddresses) { + this.emailAddresses = emailAddresses; + return this; + } + + /** + * Get specifies that the alert is sent to the account administrators. + * + * @return the emailAccountAdmins value + */ + public Boolean emailAccountAdmins() { + return this.emailAccountAdmins; + } + + /** + * Set specifies that the alert is sent to the account administrators. + * + * @param emailAccountAdmins the emailAccountAdmins value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withEmailAccountAdmins(Boolean emailAccountAdmins) { + this.emailAccountAdmins = emailAccountAdmins; + return this; + } + + /** + * Get specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. + * + * @return the storageEndpoint value + */ + public String storageEndpoint() { + return this.storageEndpoint; + } + + /** + * Set specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. + * + * @param storageEndpoint the storageEndpoint value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withStorageEndpoint(String storageEndpoint) { + this.storageEndpoint = storageEndpoint; + return this; + } + + /** + * Get specifies the identifier key of the Threat Detection audit storage account. + * + * @return the storageAccountAccessKey value + */ + public String storageAccountAccessKey() { + return this.storageAccountAccessKey; + } + + /** + * Set specifies the identifier key of the Threat Detection audit storage account. + * + * @param storageAccountAccessKey the storageAccountAccessKey value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withStorageAccountAccessKey(String storageAccountAccessKey) { + this.storageAccountAccessKey = storageAccountAccessKey; + return this; + } + + /** + * Get specifies the number of days to keep in the Threat Detection audit logs. + * + * @return the retentionDays value + */ + public Integer retentionDays() { + return this.retentionDays; + } + + /** + * Set specifies the number of days to keep in the Threat Detection audit logs. + * + * @param retentionDays the retentionDays value to set + * @return the ServerSecurityAlertPolicyInner object itself. + */ + public ServerSecurityAlertPolicyInner withRetentionDays(Integer retentionDays) { + this.retentionDays = retentionDays; + return this; + } + +} diff --git a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/SqlManagementClientImpl.java b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/SqlManagementClientImpl.java index 9871e7789e4..98fd8e24512 100644 --- a/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/SqlManagementClientImpl.java +++ b/azure-mgmt-sql/src/main/java/com/microsoft/azure/management/sql/implementation/SqlManagementClientImpl.java @@ -783,6 +783,19 @@ public ServerDnsAliasesInner serverDnsAliases() { return this.serverDnsAliases; } + /** + * The ServerSecurityAlertPoliciesInner object to access its operations. + */ + private ServerSecurityAlertPoliciesInner serverSecurityAlertPolicies; + + /** + * Gets the ServerSecurityAlertPoliciesInner object to access its operations. + * @return the ServerSecurityAlertPoliciesInner object. + */ + public ServerSecurityAlertPoliciesInner serverSecurityAlertPolicies() { + return this.serverSecurityAlertPolicies; + } + /** * The RestorePointsInner object to access its operations. */ @@ -959,6 +972,7 @@ protected void initialize() { this.managedDatabases = new ManagedDatabasesInner(restClient().retrofit(), this); this.serverAutomaticTunings = new ServerAutomaticTuningsInner(restClient().retrofit(), this); this.serverDnsAliases = new ServerDnsAliasesInner(restClient().retrofit(), this); + this.serverSecurityAlertPolicies = new ServerSecurityAlertPoliciesInner(restClient().retrofit(), this); this.restorePoints = new RestorePointsInner(restClient().retrofit(), this); this.databaseOperations = new DatabaseOperationsInner(restClient().retrofit(), this); this.elasticPoolOperations = new ElasticPoolOperationsInner(restClient().retrofit(), this);