Skip to content

Commit eafb006

Browse files
bashaheebashahee
authored
Updating value of StorageKeyKind when storage account is under VNet. (#11609)
* Add new value to StorageKeyType
1 parent a08beff commit eafb006

File tree

4 files changed

+16
-14
lines changed

4 files changed

+16
-14
lines changed

src/Sql/Sql.Test/ScenarioTests/AuditTests.ps1

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -869,7 +869,7 @@ function Test-AuditOnDatabase
869869
Assert-AreEqual 0 $policy.AuditAction.Length
870870
Assert-Null $policy.PredicateExpression
871871
Assert-Null $policy.StorageAccountResourceId
872-
Assert-AreEqual "Primary" $policy.StorageKeyType
872+
Assert-AreEqual "None" $policy.StorageKeyType
873873
Assert-Null $policy.RetentionInDays
874874

875875
# Verify event hub auditing policy is disabled.
@@ -966,7 +966,7 @@ function Test-AuditOnDatabase
966966
Assert-AreEqual 0 $policy.AuditAction.Length
967967
Assert-AreEqual "" $policy.PredicateExpression
968968
Assert-Null $policy.StorageAccountResourceId
969-
Assert-AreEqual "Primary" $policy.StorageKeyType
969+
Assert-AreEqual "None" $policy.StorageKeyType
970970
Assert-Null $policy.RetentionInDays
971971

972972
# Verify event hub auditing policy is enabled.
@@ -995,7 +995,7 @@ function Test-AuditOnDatabase
995995
# Verify storage auditing policy is disabled.
996996
Assert-AreEqual "Disabled" $policy.BlobStorageTargetState
997997
Assert-Null $policy.StorageAccountResourceId
998-
Assert-AreEqual "Primary" $policy.StorageKeyType
998+
Assert-AreEqual "None" $policy.StorageKeyType
999999
Assert-Null $policy.RetentionInDays
10001000

10011001
# Verify event hub auditing policy is enabled.
@@ -1021,7 +1021,7 @@ function Test-AuditOnDatabase
10211021
# Verify storage auditing policy is disabled.
10221022
Assert-AreEqual "Disabled" $policy.BlobStorageTargetState
10231023
Assert-Null $policy.StorageAccountResourceId
1024-
Assert-AreEqual "Primary" $policy.StorageKeyType
1024+
Assert-AreEqual "None" $policy.StorageKeyType
10251025
Assert-Null $policy.RetentionInDays
10261026

10271027
# Verify log analytics auditing policy is disabled.
@@ -1065,7 +1065,7 @@ function Test-RemoveAuditOnDatabase
10651065
Assert-AreEqual 0 $policy.AuditAction.Length
10661066
Assert-Null $policy.PredicateExpression
10671067
Assert-Null $policy.StorageAccountResourceId
1068-
Assert-AreEqual "Primary" $policy.StorageKeyType
1068+
Assert-AreEqual "None" $policy.StorageKeyType
10691069
Assert-Null $policy.RetentionInDays
10701070

10711071
# Verify event hub auditing policy is disabled.
@@ -1162,7 +1162,7 @@ function Test-RemoveAuditOnDatabase
11621162
Assert-AreEqual 0 $policy.AuditAction.Length
11631163
Assert-AreEqual "" $policy.PredicateExpression
11641164
Assert-Null $policy.StorageAccountResourceId
1165-
Assert-AreEqual "Primary" $policy.StorageKeyType
1165+
Assert-AreEqual "None" $policy.StorageKeyType
11661166
Assert-Null $policy.RetentionInDays
11671167

11681168
# Verify event hub auditing policy is disabled.
@@ -1309,7 +1309,7 @@ function Test-AuditOnServer
13091309
Assert-AreEqual 0 $policy.AuditActionGroup.Length
13101310
Assert-Null $policy.StorageAccountResourceId
13111311
Assert-AreEqual "" $policy.PredicateExpression
1312-
Assert-AreEqual "Primary" $policy.StorageKeyType
1312+
Assert-AreEqual "None" $policy.StorageKeyType
13131313
Assert-Null $policy.RetentionInDays
13141314

13151315
# Verify event hub auditing policy is disabled.
@@ -1402,7 +1402,7 @@ function Test-AuditOnServer
14021402
Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::FAILED_DATABASE_AUTHENTICATION_GROUP)}
14031403
Assert-AreEqual "" $policy.PredicateExpression
14041404
Assert-Null $policy.StorageAccountResourceId
1405-
Assert-AreEqual "Primary" $policy.StorageKeyType
1405+
Assert-AreEqual "None" $policy.StorageKeyType
14061406
Assert-Null $policy.RetentionInDays
14071407

14081408
# Verify event hub auditing policy is enabled.
@@ -1430,7 +1430,7 @@ function Test-AuditOnServer
14301430
# Verify storage auditing policy is disabled.
14311431
Assert-AreEqual "Disabled" $policy.BlobStorageTargetState
14321432
Assert-Null $policy.StorageAccountResourceId
1433-
Assert-AreEqual "Primary" $policy.StorageKeyType
1433+
Assert-AreEqual "None" $policy.StorageKeyType
14341434
Assert-Null $policy.RetentionInDays
14351435

14361436
# Verify event hub auditing policy is enabled.
@@ -1455,7 +1455,7 @@ function Test-AuditOnServer
14551455
# Verify storage auditing policy is disabled.
14561456
Assert-AreEqual "Disabled" $policy.BlobStorageTargetState
14571457
Assert-Null $policy.StorageAccountResourceId
1458-
Assert-AreEqual "Primary" $policy.StorageKeyType
1458+
Assert-AreEqual "None" $policy.StorageKeyType
14591459
Assert-Null $policy.RetentionInDays
14601460

14611461
# Verify log analytics auditing policy is disabled.
@@ -1499,7 +1499,7 @@ function Test-RemoveAuditOnServer
14991499
Assert-AreEqual 0 $policy.AuditActionGroup.Length
15001500
Assert-Null $policy.StorageAccountResourceId
15011501
Assert-AreEqual "" $policy.PredicateExpression
1502-
Assert-AreEqual "Primary" $policy.StorageKeyType
1502+
Assert-AreEqual "None" $policy.StorageKeyType
15031503
Assert-Null $policy.RetentionInDays
15041504

15051505
# Verify event hub auditing policy is disabled.
@@ -1592,7 +1592,7 @@ function Test-RemoveAuditOnServer
15921592
Assert-True {$policy.AuditActionGroup.Contains([Microsoft.Azure.Commands.Sql.Auditing.Model.AuditActionGroups]::FAILED_DATABASE_AUTHENTICATION_GROUP)}
15931593
Assert-AreEqual "" $policy.PredicateExpression
15941594
Assert-Null $policy.StorageAccountResourceId
1595-
Assert-AreEqual "Primary" $policy.StorageKeyType
1595+
Assert-AreEqual "None" $policy.StorageKeyType
15961596
Assert-Null $policy.RetentionInDays
15971597

15981598
# Verify event hub auditing policy is disabled.

src/Sql/Sql/Auditing/Model/ServerAuditModel.cs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -45,7 +45,7 @@ public enum AuditActionGroups
4545
USER_CHANGE_PASSWORD_GROUP
4646
}
4747

48-
public enum StorageKeyKind { Primary, Secondary };
48+
public enum StorageKeyKind { None, Primary, Secondary };
4949

5050
public class ServerAuditModel
5151
{

src/Sql/Sql/Auditing/Services/SqlAuditAdapter.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -440,7 +440,8 @@ private void PolicizeStorageInfo(ServerAuditModel model, dynamic policy)
440440
else
441441
{
442442
policy.IsStorageSecondaryKeyInUse = model.StorageKeyType == StorageKeyKind.Secondary;
443-
policy.StorageAccountAccessKey = AzureCommunicator.RetrieveStorageKeysAsync(model.StorageAccountResourceId).GetAwaiter().GetResult()[model.StorageKeyType];
443+
policy.StorageAccountAccessKey = AzureCommunicator.RetrieveStorageKeysAsync(
444+
model.StorageAccountResourceId).GetAwaiter().GetResult()[model.StorageKeyType == StorageKeyKind.Secondary ? StorageKeyKind.Secondary : StorageKeyKind.Primary];
444445
}
445446

446447
if (model.RetentionInDays != null)

src/Sql/Sql/ChangeLog.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@
2020
## Upcoming Release
2121
* Added cmdlets `Get-AzSqlInstanceOperation` and `Stop-AzSqlInstanceOperation`
2222
* Supported auditing to a storage account in VNet.
23+
* Assign 'None' value as StorageKeyKind when a storage account under VNet is a target for the audit records.
2324

2425
## Version 2.5.0
2526
* Added readable secondary parameter to `Invoke-AzSqlDatabaseFailover`

0 commit comments

Comments
 (0)