.

ChangeLog.md

@@ -1,3 +1,8 @@
+* Azure SQL Database: new cmdlets for managing database threat detection policies:
+  * Get-AzureRmSqlDatabaseThreatDetectionPolicy
+  * Set-AzureRmSqlDatabaseThreatDetectionPolicy
+  * Remove-AzureRmSqlDatabaseThreatDetectionPolicy
+
 ## 2015.11.09 version 1.0.1
 * Azure Compute
   * Added cmdlets for managing VM DiskEncryption extension

src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/PSHCommon/Common.ps1

@@ -250,15 +250,6 @@ function Test-BinaryFile
 }
 
 
-<#
-.SYNOPSIS
-Removes all current subscriptions.
-#>
-function Remove-AllSubscriptions
-{
-    Get-AzureRmSubscription | Remove-AzureRmSubscription -Force
-}
-
 <#
 .SYNOPSIS
 Waits on the specified job with the given timeout.

src/ResourceManager/KeyVault/Commands.KeyVault.Test/Scripts/VaultManagementTests.ps1

@@ -97,7 +97,7 @@ function Test_DeleteUnknownVaultFails
 #------------------------------Set-AzureRmKeyVaultAccessPolicy--------------------------
 function Test_SetRemoveAccessPolicyByUPN
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-SetRemoveAccessPolicyByUPN $global:precreatedVaultName $global:resourceGroupName $user
 }
@@ -125,23 +125,23 @@ function Test_SetRemoveAccessPolicyBySPN
 
 function Test_SetRemoveAccessPolicyByObjectId
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-SetRemoveAccessPolicyByObjectId $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 
 function Test_SetRemoveAccessPolicyByCompoundId
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     $appId = [System.Guid]::NewGuid()
     Reset-PreCreatedVault
     Test-SetRemoveAccessPolicyByCompoundId $global:precreatedVaultName $global:resourceGroupName $user $appId
 }
 
 function Test_RemoveAccessPolicyWithCompoundIdPolicies
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     $appId1 = [System.Guid]::NewGuid()
     $appId2 = [System.Guid]::NewGuid()
     Reset-PreCreatedVault
@@ -150,51 +150,51 @@ function Test_RemoveAccessPolicyWithCompoundIdPolicies
 
 function Test_SetCompoundIdAccessPolicy
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     $appId = [System.Guid]::NewGuid()
     Reset-PreCreatedVault
     Test-SetCompoundIdAccessPolicy $global:precreatedVaultName $global:resourceGroupName $user $appId
 }
 
 function Test_ModifyAccessPolicy
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-ModifyAccessPolicy $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 function Test_ModifyAccessPolicyEnabledForDeployment
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-ModifyAccessPolicyEnabledForDeployment $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 function Test_ModifyAccessPolicyEnabledForTemplateDeployment
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-ModifyAccessPolicyEnabledForTemplateDeployment $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 function Test_ModifyAccessPolicyEnabledForDiskEncryption
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-ModifyAccessPolicyEnabledForDiskEncryption $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 function Test_ModifyAccessPolicyNegativeCases
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-ModifyAccessPolicyNegativeCases $global:precreatedVaultName $global:resourceGroupName $user
 }
 
 
 function Test_RemoveNonExistentAccessPolicyDoesNotThrow
 {
-    $user = (Get-AzureRmSubscription -Current).DefaultAccount 
+    $user = (Get-AzureRmContext).Account.Id 
     Reset-PreCreatedVault
     Test-RemoveNonExistentAccessPolicyDoesNotThrow $global:precreatedVaultName $global:resourceGroupName $user
 }
@@ -261,7 +261,7 @@ function Initialize-VaultTest
     }
     #create a vault using ARM    
     $vaultName = Get-VaultName $suffix
-    $tenantId = (Get-AzureRmSubscription -Current).TenantId
+    $tenantId = (Get-AzureRmContext).Tenant.TenantId
     $tagName = "testtag"
     $tagValue = "testvalue"
     $vaultId = @{
@@ -305,7 +305,7 @@ function Reset-PreCreatedVault
 { 
     $tagName = "testtag"
     $tagValue = "testvalue"
-    $tenantId = (Get-AzureRmSubscription -Current).TenantId
+    $tenantId = (Get-AzureRmContext).Tenant.TenantId
     $vaultProperties = @{
         "enabledForDeployment" = $false;
         "tenantId" = $tenantId;

src/ResourceManager/KeyVault/Commands.KeyVault/Properties/Resources.resx

@@ -118,7 +118,7 @@
     <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </resheader>
   <data name="ADObjectNotFound" xml:space="preserve">
-    <value>Cannot find the Active Directory object '{0}' in tenant '{1}'. Please make sure that the user or application service principal you are authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet 'get-AzureRmSubscription -current' is the current subscription's Azure Active directory.</value>
+    <value>Cannot find the Active Directory object '{0}' in tenant '{1}'. Please make sure that the user or application service principal you are authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet 'Get-AzureRmContext' is the current subscription's Azure Active directory.</value>
   </data>
   <data name="BackupKeyFileAlreadyExists" xml:space="preserve">
     <value>The backup key file '{0}' already exists.</value>
@@ -139,7 +139,7 @@
     <value>Invalid AzureEnvironment.</value>
   </data>
   <data name="InvalidCurrentSubscription" xml:space="preserve">
-    <value>No current subscription has been designated. Use Select-AzureRmSubscription -Current &lt;subscriptionName&gt; to set the current subscription.</value>
+    <value>No current subscription has been designated. Use Set-AzureRmContext -SubscriptionName &lt;subscriptionName&gt; to set the current subscription.</value>
   </data>
   <data name="InvalidKeyAttributes" xml:space="preserve">
     <value>Invalid key attributes</value>
@@ -175,7 +175,7 @@
     <value>Invalid secret uri '{0}'.</value>
   </data>
   <data name="InvalidSelectedSubscription" xml:space="preserve">
-    <value>No subscription is currently selected. Use Select-Subscription to activate a subscription.</value>
+    <value>No subscription is currently selected. Use Set-AzureRmContext to activate a subscription.</value>
   </data>
   <data name="InvalidSubscriptionState" xml:space="preserve">
     <value>Your Azure credentials have not been set up or have expired, please run Add-AzureRmAccount to set up your Azure credentials.</value>

src/ResourceManager/Sql/Commands.Sql.Test/Commands.Sql.Test.csproj

@@ -73,7 +73,7 @@
       <Private>True</Private>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Sql">
-      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Sql.0.39.0-prerelease\lib\net40\Microsoft.Azure.Management.Sql.dll</HintPath>
+      <HintPath>..\..\..\packages\Microsoft.Azure.Management.Sql.0.41.0-prerelease\lib\net40\Microsoft.Azure.Management.Sql.dll</HintPath>
     </Reference>
     <Reference Include="Microsoft.Azure.Management.Storage">
       <HintPath>..\..\..\packages\Microsoft.Azure.Management.Storage.2.4.0-preview\lib\net40\Microsoft.Azure.Management.Storage.dll</HintPath>
@@ -189,11 +189,15 @@
       <DesignTime>True</DesignTime>
       <DependentUpon>Resources.resx</DependentUpon>
     </Compile>
+    <Compile Include="ScenarioTests\ThreatDetectionTests.cs" />
     <Compile Include="ScenarioTests\DatabaseActivationTests.cs" />
     <Compile Include="ScenarioTests\DatabaseBackupTests.cs" />
     <Compile Include="ScenarioTests\DatabaseReplicationTests.cs" />
     <Compile Include="ScenarioTests\DatabaseCrudTests.cs" />
     <Compile Include="ScenarioTests\DataMaskingTests.cs" />
+    <None Include="ScenarioTests\ThreatDetectionTests.ps1">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </None>
     <None Include="ScenarioTests\DatabaseReplicationTests.ps1">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
@@ -445,10 +449,7 @@
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.DataMaskingTests\TestDatabaseDataMaskingNumberRuleLifecycle.json">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
-    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.DataMaskingTests\TestDatabaseDataMaskingPolicyEnablementToggling.json">
-      <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
-    </None>
-    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.DataMaskingTests\TestDatabaseDataMaskingPrivilegedLoginsChanges.json">
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.DataMaskingTests\TestDatabaseDataMaskingPrivilegedUsersChanges.json">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.DataMaskingTests\TestDatabaseDataMaskingRuleCreationFailures.json">
@@ -514,6 +515,11 @@
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ServerCrudTests\TestServerUpdate.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ThreatDetectionTests\DisablingThreatDetection.json" />
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ThreatDetectionTests\InvalidArgumentsThreatDetection.json" />
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ThreatDetectionTests\ThreatDetectionDatabaseGetDefualtPolicy.json" />
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ThreatDetectionTests\ThreatDetectionDatabaseUpdatePolicy.json" />
+    <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.ThreatDetectionTests\ThreatDetectionOnV2Server.json" />
     <None Include="SessionRecords\Microsoft.Azure.Commands.Sql.Test.ScenarioTests.TransparentDataEncryptionCrudTests\TestDatabaseTransparentDataEncryptionGet.json">
       <CopyToOutputDirectory>Always</CopyToOutputDirectory>
     </None>

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/AuditingTests.cs

@@ -22,17 +22,6 @@ namespace Microsoft.Azure.Commands.Sql.Test.ScenarioTests
 {
     public class AuditingTests : SqlTestsBase
     {
-        protected Microsoft.Azure.Management.Storage.StorageManagementClient GetStorageV2Client()
-        {
-            var client = TestBase.GetServiceClient<Microsoft.Azure.Management.Storage.StorageManagementClient>(new CSMTestEnvironmentFactory());
-            if (HttpMockServer.Mode == HttpRecorderMode.Playback)
-            {
-                client.LongRunningOperationInitialTimeout = 0;
-                client.LongRunningOperationRetryTimeout = 0;
-            }
-            return client;
-        }
-
         protected override void SetupManagementClients()
         {
             var sqlCSMClient = GetSqlClient();

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/Common.ps1

@@ -25,6 +25,19 @@ function Get-SqlAuditingTestEnvironmentParameters ($testSuffix)
 			  }
 }
 
+<#
+.SYNOPSIS
+Gets the values of the parameters used at the threat detection tests
+#>
+function Get-SqlThreatDetectionTestEnvironmentParameters ($testSuffix)
+{
+	return @{ rgname = "sql-td-cmdlet-test-rg" +$testSuffix;
+			  serverName = "sql-td-cmdlet-server" +$testSuffix;
+			  databaseName = "sql-td-cmdlet-db" + $testSuffix;
+			  storageAccount = "tdcmdlets" +$testSuffix
+			  }
+}
+
 <#
 .SYNOPSIS
 Gets the values of the parameters used by the data masking tests
@@ -78,6 +91,28 @@ function Create-TestEnvironmentWithStorageV2 ($testSuffix)
 	New-AzureRmStorageAccount -Name $params.storageAccount -Location "West US" -ResourceGroupName $params.rgname -Type "Standard_GRS"
 }
 
+<#
+.SYNOPSIS
+Creates the test environment needed to perform the Sql threat detection tests, while using storage  V2 as the used storage account
+#>
+function Create-ThreatDetectionTestEnvironmentWithStorageV2 ($testSuffix, $serverVersion = "12.0")
+{
+	$params = Get-SqlThreatDetectionTestEnvironmentParameters $testSuffix
+	New-AzureRmResourceGroup -Name $params.rgname -Location "Australia East" -Force
+
+    if ($serverVersion -eq "12.0")
+    {
+        New-AzureRmResourceGroupDeployment -ResourceGroupName $params.rgname -TemplateFile ".\Templates\sql-ddm-test-env-setup.json" -serverName $params.serverName -databaseName $params.databaseName -EnvLocation "Australia East" -Force
+     	New-AzureRmStorageAccount -Name $params.storageAccount -Location "Australia East" -ResourceGroupName $params.rgname -Type "Standard_GRS"
+    }
+
+    if ($serverVersion -eq "2.0")
+    {
+        New-AzureRmResourceGroupDeployment -ResourceGroupName $params.rgname -TemplateFile ".\Templates\sql-audit-test-env-setup.json" -serverName $params.serverName -databaseName $params.databaseName -EnvLocation "Australia East" -Force
+    	New-AzureRmStorageAccount -Name $params.storageAccount -Location "West US" -ResourceGroupName $params.rgname -Type "Standard_GRS"
+    }
+}
+
 <#
 .SYNOPSIS
 Creates the test environment needed to perform the Sql data masking tests
@@ -214,8 +249,24 @@ function Remove-TestEnvironment ($testSuffix)
 {
 	try
 	{
-	$params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
-	Azure\Remove-AzureRmStorageAccount -StorageAccountName $params.storageAccount
+	    $params = Get-SqlAuditingTestEnvironmentParameters $testSuffix
+	    Azure\Remove-AzureRmStorageAccount -StorageAccountName $params.storageAccount
+	}
+	catch
+	{
+	}
+}
+
+<#
+.SYNOPSIS
+Removes the test environment that was needed to perform the Sql threat detection tests
+#>
+function Remove-ThreatDetectionTestEnvironment ($testSuffix)
+{
+	try
+	{
+	    $params = Get-SqlThreatDetectionTestEnvironmentParameters $testSuffix
+	    Azure\Remove-AzureRmStorageAccount -StorageAccountName $params.storageAccount
 	}
 	catch
 	{

src/ResourceManager/Sql/Commands.Sql.Test/ScenarioTests/DataMaskingTests.cs

@@ -20,19 +20,11 @@ namespace Microsoft.Azure.Commands.Sql.Test.ScenarioTests
 {
     public class DataMaskingTests : SqlTestsBase
     {
-
-        [Fact]
-        [Trait(Category.AcceptanceType, Category.BVT)]
-        public void TestDatabaseDataMaskingPolicyEnablementToggling()
-        {
-            RunPowerShellTest("Test-DatabaseDataMaskingPolicyEnablementToggling");
-        }
-
         [Fact]
         [Trait(Category.AcceptanceType, Category.BVT)]
-        public void TestDatabaseDataMaskingPrivilegedLoginsChanges()
+        public void TestDatabaseDataMaskingPrivilegedUsersChanges()
         {
-            RunPowerShellTest("Test-DatabaseDataMaskingPrivilegedLoginsChanges");
+            RunPowerShellTest("Test-DatabaseDataMaskingPrivilegedUsersChanges");
         }
 
         [Fact]