Skip to content

Commit 844be65

Browse files
ayeletshpigelmanayeletshpigelman
committed
Revert "Remove Usage_Anomaly option for DisabledAlerts in Security Alerts Policy"
This reverts commit e293a8d.
1 parent e293a8d commit 844be65

File tree

4 files changed

+2225
-3399
lines changed

4 files changed

+2225
-3399
lines changed

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/ThreatDetectionTests.ps1

Lines changed: 10 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -120,18 +120,19 @@ function Test-ThreatDetectionDatabaseUpdatePolicy
120120
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
121121

122122
# Test
123-
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "Sql_Injection", "Sql_Injection_Vulnerability", "Access_Anomaly"
123+
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "Sql_Injection", "Sql_Injection_Vulnerability", "Access_Anomaly", "Usage_Anomaly"
124124
$policy = Get-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
125125

126126
# Assert
127127
Assert-AreEqual $policy.ThreatDetectionState "Enabled"
128128
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
129129
Assert-False {$policy.EmailAdmins}
130-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
130+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
131131
Assert-AreEqual $policy.StorageAccountName $params.storageAccount
132132
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
133133
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
134134
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
135+
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
135136

136137
# Test
137138
Remove-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName
@@ -141,10 +142,11 @@ function Test-ThreatDetectionDatabaseUpdatePolicy
141142
Assert-AreEqual $policy.ThreatDetectionState "Disabled"
142143
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
143144
Assert-False {$policy.EmailAdmins}
144-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
145+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
145146
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
146147
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
147148
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
149+
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
148150

149151
# Test
150152
Set-AzureRmSqlDatabaseThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -DatabaseName $params.databaseName -ExcludedDetectionType "None"
@@ -189,17 +191,18 @@ function Test-ThreatDetectionServerUpdatePolicy
189191
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
190192

191193
# Test
192-
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly -StorageAccountName $params.storageAccount
194+
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Usage_Anomaly -StorageAccountName $params.storageAccount
193195
$policy = Get-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
194196

195197
# Assert
196198
Assert-AreEqual $policy.ThreatDetectionState "Enabled"
197199
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
198200
Assert-False {$policy.EmailAdmins}
199-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
201+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
200202
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
201203
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
202204
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
205+
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
203206

204207
# Test
205208
Remove-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName
@@ -209,10 +212,11 @@ function Test-ThreatDetectionServerUpdatePolicy
209212
Assert-AreEqual $policy.ThreatDetectionState "Disabled"
210213
Assert-AreEqual $policy.NotificationRecipientsEmails "[email protected];[email protected]"
211214
Assert-False {$policy.EmailAdmins}
212-
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 3
215+
Assert-AreEqual $policy.ExcludedDetectionTypes.Length 4
213216
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection)}
214217
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Sql_Injection_Vulnerability)}
215218
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Access_Anomaly)}
219+
Assert-True {$policy.ExcludedDetectionTypes.Contains([Microsoft.Azure.Commands.Sql.ThreatDetection.Model.DetectionType]::Usage_Anomaly)}
216220

217221
# Test
218222
Set-AzureRmSqlServerThreatDetectionPolicy -ResourceGroupName $params.rgname -ServerName $params.serverName -ExcludedDetectionType None -StorageAccountName $params.storageAccount

0 commit comments

Comments
 (0)