Skip to content

Commit e293a8d

Browse files
ayeletshpigelmanayeletshpigelman
committed
Remove Usage_Anomaly option for DisabledAlerts in Security Alerts Policy
1 parent 4299b86 commit e293a8d

File tree

4 files changed

+3399
-2225
lines changed

4 files changed

+3399
-2225
lines changed

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/ThreatDetectionTests.ps1

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -120,19 +120,18 @@ function Test-ThreatDetectionDatabaseUpdatePolicy
120120
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
121121

122122
# Test
123-
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "Sql_Injection", "Sql_Injection_Vulnerability", "Access_Anomaly", "Usage_Anomaly"
123+
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "Sql_Injection", "Sql_Injection_Vulnerability", "Access_Anomaly"
124124
$policy = Get-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
125125

126126
# Assert
127127
Assert-AreEqual $policy.ThreatDetectionState "Enabled"
128128
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
129129
Assert-False {$policy.EmailAdmins}
130-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
130+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
131131
Assert-AreEqual $policy.StorageAccountName $params.storageAccount
132132
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
133133
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
134134
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
135-
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
136135

137136
# Test
138137
Remove-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
@@ -142,11 +141,10 @@ function Test-ThreatDetectionDatabaseUpdatePolicy
142141
Assert-AreEqual $policy.ThreatDetectionState "Disabled"
143142
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
144143
Assert-False {$policy.EmailAdmins}
145-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
144+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
146145
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
147146
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
148147
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
149-
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
150148

151149
# Test
152150
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "None"
@@ -191,18 +189,17 @@ function Test-ThreatDetectionServerUpdatePolicy
191189
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
192190

193191
# Test
194-
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Usage_Anomaly -StorageAccountName $params.storageAccount
192+
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly -StorageAccountName $params.storageAccount
195193
$policy = Get-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
196194

197195
# Assert
198196
Assert-AreEqual $policy.ThreatDetectionState "Enabled"
199197
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
200198
Assert-False {$policy.EmailAdmins}
201-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
199+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
202200
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
203201
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
204202
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
205-
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
206203

207204
# Test
208205
Remove-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
@@ -212,11 +209,10 @@ function Test-ThreatDetectionServerUpdatePolicy
212209
Assert-AreEqual $policy.ThreatDetectionState "Disabled"
213210
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
214211
Assert-False {$policy.EmailAdmins}
215-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
212+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
216213
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
217214
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
218215
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
219-
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
220216

221217
# Test
222218
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType None -StorageAccountName $params.storageAccount

0 commit comments

Comments
 (0)