Merge pull request #6895 from chlahav/preview

Introducing Azure Security Center module

Author: cormacpayne

src/ResourceManager/Security/Commands.Security.Test/Commands.Security.Test.csproj

@@ -0,0 +1,50 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("Commands.Security.Test")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("Commands.Security.Test")]
+[assembly: AssemblyCopyright("Copyright ©  2018")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components.  If you need to access a type in this assembly from
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("9f866d20-059a-4dab-af42-18e37f503e30")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]

src/ResourceManager/Security/Commands.Security.Test/Properties/AssemblyInfo.cs

@@ -0,0 +1,48 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+.SYNOPSIS
+Gets test resource group name
+#>
+function Get-TestResourceGroupName
+{
+	"myService1"
+}
+
+<#
+.SYNOPSIS
+Gets test resource group name
+#>
+function Extract-ResourceLocation{
+param(
+	[string]$ResourceId
+)
+	$match = [Regex]::Match($ResourceId, "locations/(.*?)/")
+
+	return $match.Captures.Groups[1].Value
+}
+
+<#
+.SYNOPSIS
+Gets test resource group name
+#>
+function Extract-ResourceGroup{
+param(
+	[string]$ResourceId
+)
+	$match = [Regex]::Match($ResourceId, "resourceGroups/(.*?)/")
+
+	return $match.Captures.Groups[1].Value
+}

src/ResourceManager/Security/Commands.Security.Test/ScenarioTests/Common.ps1

@@ -0,0 +1,89 @@
+// ----------------------------------------------------------------------------------
+//
+// Copyright Microsoft Corporation
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------------
+
+using Microsoft.Azure.Commands.ScenarioTest;
+using Microsoft.Azure.ServiceManagemenet.Common.Models;
+using Microsoft.WindowsAzure.Commands.ScenarioTest;
+using Xunit;
+
+namespace Microsoft.Azure.Commands.Security.Test.ScenarioTests
+{
+    public class SecurityAlertTests
+    {
+        private readonly XunitTracingInterceptor _logger;
+
+        public SecurityAlertTests(Xunit.Abstractions.ITestOutputHelper output)
+        {
+            _logger = new XunitTracingInterceptor(output);
+            XunitTracingInterceptor.AddToContext(_logger);
+            TestExecutionHelpers.SetUpSessionAndProfile();
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void GetSubscriptionScope()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Get-AzureRmSecurityAlert-SubscriptionScope");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void GetResourceGroupScope()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Get-AzureRmSecurityAlert-ResourceGroupScope");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void GetResourceGroupLevelResource()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Get-AzureRmSecurityAlert-ResourceGroupLevelResource");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void GetSubscriptionLevelResource()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Get-AzureRmSecurityAlert-SubscriptionLevelResource");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void GetResourceId()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Get-AzureRmSecurityAlert-ResourceId");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void SetResourceGroupLevelResource()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Set-AzureRmSecurityAlert-ResourceGroupLevelResource");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void SetSubscriptionLevelResource()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Set-AzureRmSecurityAlert-SubscriptionLevelResource");
+        }
+
+        [Fact]
+        [Trait(Category.AcceptanceType, Category.CheckIn)]
+        public void SetResourceId()
+        {
+            TestController.NewInstance.RunPowerShellTest(_logger, "Set-AzureRmSecurityAlert-ResourceId");
+        }
+    }
+}

src/ResourceManager/Security/Commands.Security.Test/ScenarioTests/SecurityAlertTests.cs

@@ -0,0 +1,170 @@
+# ----------------------------------------------------------------------------------
+#
+# Copyright Microsoft Corporation
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ----------------------------------------------------------------------------------
+
+<#
+.SYNOPSIS
+Get security alerts on a subscription and its resources
+#>
+function Get-AzureRmSecurityAlert-SubscriptionScope
+{
+    $alerts = Get-AzureRmSecurityAlert
+	Validate-Alerts $alerts
+}
+
+<#
+.SYNOPSIS
+Get security alerts on a resource group and its resources
+#>
+function Get-AzureRmSecurityAlert-ResourceGroupScope
+{
+	$rgName = Get-TestResourceGroupName
+
+    $alerts = Get-AzureRmSecurityAlert -ResourceGroupName $rgName
+	Validate-Alerts $alerts
+}
+
+<#
+.SYNOPSIS
+Get a security alert on a resource group level
+#>
+function Get-AzureRmSecurityAlert-ResourceGroupLevelResource
+{
+	$alerts = Get-AzureRmSecurityAlert
+
+	$alert = $alerts | where { $_.Id -like "*resourceGroups*" } | Select -First 1
+	$location = Extract-ResourceLocation -ResourceId $alert.Id
+	$rgName = Extract-ResourceGroup -ResourceId $alert.Id
+
+    $fetchedAlert = Get-AzureRmSecurityAlert -ResourceGroupName $rgName -Location $location -Name $alert.Name
+	Validate-Alert $fetchedAlert
+}
+
+<#
+.SYNOPSIS
+Get a security alert on a subscription level
+#>
+function Get-AzureRmSecurityAlert-SubscriptionLevelResource
+{
+	$alerts = Get-AzureRmSecurityAlert
+	$alert = $alerts | where { $_.Id -notlike "*resourceGroups*" } | Select -First 1
+	$location = Extract-ResourceLocation -ResourceId $alert.Id
+
+    $fetchedAlert = Get-AzureRmSecurityAlert -Location $location -Name $alert.Name
+	Validate-Alert $fetchedAlert
+}
+
+<#
+.SYNOPSIS
+Get a security alert by a resource ID
+#>
+function Get-AzureRmSecurityAlert-ResourceId
+{
+	$alerts = Get-AzureRmSecurityAlert
+	$alert = $alerts | Select -First 1
+
+    $alerts = Get-AzureRmSecurityAlert -ResourceId $alert.Id
+	Validate-Alerts $alerts
+}
+
+<#
+.SYNOPSIS
+Change resource group security alert state
+#>
+function Set-AzureRmSecurityAlert-ResourceGroupLevelResource
+{
+	$alerts = Get-AzureRmSecurityAlert
+
+	$alert = $alerts | where { $_.Id -like "*resourceGroups*" } | Select -First 1
+	$location = Extract-ResourceLocation -ResourceId $alert.Id
+	$rgName = Extract-ResourceGroup -ResourceId $alert.Id
+
+    Set-AzureRmSecurityAlert -ResourceGroupName $rgName -Location $location -Name $alert.Name -ActionType "Activate"
+
+	$fetchedAlert = Get-AzureRmSecurityAlert -ResourceGroupName $rgName -Location $location -Name $alert.Name
+
+	Validate-AlertActivity -alert $fetchedAlert
+}
+
+<#
+.SYNOPSIS
+Change subscription security alert state
+#>
+function Set-AzureRmSecurityAlert-SubscriptionLevelResource
+{
+	$alerts = Get-AzureRmSecurityAlert
+	$alert = $alerts | where { $_.Id -notlike "*resourceGroups*" } | Select -First 1
+	$location = Extract-ResourceLocation -ResourceId $alert.Id
+
+    Set-AzureRmSecurityAlert -Location $location -Name $alert.Name -ActionType "Activate"
+
+	$fetchedAlert = Get-AzureRmSecurityAlert -Location $location -Name $alert.Name
+
+	Validate-AlertActivity -alert $fetchedAlert
+}
+
+<#
+.SYNOPSIS
+Change resource group security alert state by a resource ID
+#>
+function Set-AzureRmSecurityAlert-ResourceId
+{
+	$alerts = Get-AzureRmSecurityAlert
+	$alert = $alerts | Select -First 1
+
+    Set-AzureRmSecurityAlert -ResourceId $alert.Id -ActionType "Activate"
+
+	$fetchedAlert = Get-AzureRmSecurityAlert -ResourceId $alert.Id
+
+	Validate-AlertActivity -alert $fetchedAlert
+}
+
+<#
+.SYNOPSIS
+Validates a list of security alerts
+#>
+function Validate-Alerts
+{
+	param($alerts)
+
+    Assert-True { $alerts.Count -gt 0 }
+
+	Foreach($alert in $alerts)
+	{
+		Validate-Alert $alert
+	}
+}
+
+<#
+.SYNOPSIS
+Validates a single alert
+#>
+function Validate-Alert
+{
+	param($alert)
+
+	Assert-NotNull $alert
+}
+
+
+<#
+.SYNOPSIS
+Validates a single alert
+#>
+function Validate-AlertActivity
+{
+	param($alert)
+
+	Assert-NotNull $alert
+	Assert-True { $alert.State -eq "Active" }
+}