[AutoPR sql/resource-manager] Adding serverSecurityAlertPolicies.json from pr

lib/services/sqlManagement2/lib/models/extendedDatabaseBlobAuditingPolicy.js

@@ -0,0 +1,225 @@
+/*
+ * Copyright (c) Microsoft Corporation. All rights reserved.
+ * Licensed under the MIT License. See License.txt in the project root for
+ * license information.
+ *
+ * Code generated by Microsoft (R) AutoRest Code Generator.
+ * Changes may cause incorrect behavior and will be lost if the code is
+ * regenerated.
+ */
+
+'use strict';
+
+const models = require('./index');
+
+/**
+ * An extended database blob auditing policy.
+ *
+ * @extends models['ProxyResource']
+ */
+class ExtendedDatabaseBlobAuditingPolicy extends models['ProxyResource'] {
+  /**
+   * Create a ExtendedDatabaseBlobAuditingPolicy.
+   * @member {string} [predicateExpression] Specifies condition of where clause
+   * when creating an audit.
+   * @member {string} state Specifies the state of the policy. If state is
+   * Enabled, storageEndpoint and storageAccountAccessKey are required.
+   * Possible values include: 'Enabled', 'Disabled'
+   * @member {string} [storageEndpoint] Specifies the blob storage endpoint
+   * (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled,
+   * storageEndpoint is required.
+   * @member {string} [storageAccountAccessKey] Specifies the identifier key of
+   * the auditing storage account. If state is Enabled, storageAccountAccessKey
+   * is required.
+   * @member {number} [retentionDays] Specifies the number of days to keep in
+   * the audit logs.
+   * @member {array} [auditActionsAndGroups] Specifies the Actions-Groups and
+   * Actions to audit.
+   *
+   * The recommended set of action groups to use is the following combination -
+   * this will audit all the queries and stored procedures executed against the
+   * database, as well as successful and failed logins:
+   *
+   * BATCH_COMPLETED_GROUP,
+   * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,
+   * FAILED_DATABASE_AUTHENTICATION_GROUP.
+   *
+   * This above combination is also the set that is configured by default when
+   * enabling auditing from the Azure portal.
+   *
+   * The supported action groups to audit are (note: choose only specific
+   * groups that cover your auditing needs. Using unnecessary groups could lead
+   * to very large quantities of audit records):
+   *
+   * APPLICATION_ROLE_CHANGE_PASSWORD_GROUP
+   * BACKUP_RESTORE_GROUP
+   * DATABASE_LOGOUT_GROUP
+   * DATABASE_OBJECT_CHANGE_GROUP
+   * DATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP
+   * DATABASE_OBJECT_PERMISSION_CHANGE_GROUP
+   * DATABASE_OPERATION_GROUP
+   * DATABASE_PERMISSION_CHANGE_GROUP
+   * DATABASE_PRINCIPAL_CHANGE_GROUP
+   * DATABASE_PRINCIPAL_IMPERSONATION_GROUP
+   * DATABASE_ROLE_MEMBER_CHANGE_GROUP
+   * FAILED_DATABASE_AUTHENTICATION_GROUP
+   * SCHEMA_OBJECT_ACCESS_GROUP
+   * SCHEMA_OBJECT_CHANGE_GROUP
+   * SCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP
+   * SCHEMA_OBJECT_PERMISSION_CHANGE_GROUP
+   * SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP
+   * USER_CHANGE_PASSWORD_GROUP
+   * BATCH_STARTED_GROUP
+   * BATCH_COMPLETED_GROUP
+   *
+   * These are groups that cover all sql statements and stored procedures
+   * executed against the database, and should not be used in combination with
+   * other groups as this will result in duplicate audit logs.
+   *
+   * For more information, see [Database-Level Audit Action
+   * Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).
+   *
+   * For Database auditing policy, specific Actions can also be specified (note
+   * that Actions cannot be specified for Server auditing policy). The
+   * supported actions to audit are:
+   * SELECT
+   * UPDATE
+   * INSERT
+   * DELETE
+   * EXECUTE
+   * RECEIVE
+   * REFERENCES
+   *
+   * The general form for defining an action to be audited is:
+   * <action> ON <object> BY <principal>
+   *
+   * Note that <object> in the above format can refer to an object like a
+   * table, view, or stored procedure, or an entire database or schema. For the
+   * latter cases, the forms DATABASE::<db_name> and SCHEMA::<schema_name> are
+   * used, respectively.
+   *
+   * For example:
+   * SELECT on dbo.myTable by public
+   * SELECT on DATABASE::myDatabase by public
+   * SELECT on SCHEMA::mySchema by public
+   *
+   * For more information, see [Database-Level Audit
+   * Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)
+   * @member {uuid} [storageAccountSubscriptionId] Specifies the blob storage
+   * subscription Id.
+   * @member {boolean} [isStorageSecondaryKeyInUse] Specifies whether
+   * storageAccountAccessKey value is the storage's secondary key.
+   */
+  constructor() {
+    super();
+  }
+
+  /**
+   * Defines the metadata of ExtendedDatabaseBlobAuditingPolicy
+   *
+   * @returns {object} metadata of ExtendedDatabaseBlobAuditingPolicy
+   *
+   */
+  mapper() {
+    return {
+      required: false,
+      serializedName: 'ExtendedDatabaseBlobAuditingPolicy',
+      type: {
+        name: 'Composite',
+        className: 'ExtendedDatabaseBlobAuditingPolicy',
+        modelProperties: {
+          id: {
+            required: false,
+            readOnly: true,
+            serializedName: 'id',
+            type: {
+              name: 'String'
+            }
+          },
+          name: {
+            required: false,
+            readOnly: true,
+            serializedName: 'name',
+            type: {
+              name: 'String'
+            }
+          },
+          type: {
+            required: false,
+            readOnly: true,
+            serializedName: 'type',
+            type: {
+              name: 'String'
+            }
+          },
+          predicateExpression: {
+            required: false,
+            serializedName: 'properties.predicateExpression',
+            type: {
+              name: 'String'
+            }
+          },
+          state: {
+            required: true,
+            serializedName: 'properties.state',
+            type: {
+              name: 'Enum',
+              allowedValues: [ 'Enabled', 'Disabled' ]
+            }
+          },
+          storageEndpoint: {
+            required: false,
+            serializedName: 'properties.storageEndpoint',
+            type: {
+              name: 'String'
+            }
+          },
+          storageAccountAccessKey: {
+            required: false,
+            serializedName: 'properties.storageAccountAccessKey',
+            type: {
+              name: 'String'
+            }
+          },
+          retentionDays: {
+            required: false,
+            serializedName: 'properties.retentionDays',
+            type: {
+              name: 'Number'
+            }
+          },
+          auditActionsAndGroups: {
+            required: false,
+            serializedName: 'properties.auditActionsAndGroups',
+            type: {
+              name: 'Sequence',
+              element: {
+                  required: false,
+                  serializedName: 'StringElementType',
+                  type: {
+                    name: 'String'
+                  }
+              }
+            }
+          },
+          storageAccountSubscriptionId: {
+            required: false,
+            serializedName: 'properties.storageAccountSubscriptionId',
+            type: {
+              name: 'String'
+            }
+          },
+          isStorageSecondaryKeyInUse: {
+            required: false,
+            serializedName: 'properties.isStorageSecondaryKeyInUse',
+            type: {
+              name: 'Boolean'
+            }
+          }
+        }
+      }
+    };
+  }
+}
+
+module.exports = ExtendedDatabaseBlobAuditingPolicy;