Add audit_policy detail in table azure_sql_database and azure_sql_ser…

…ver Closes #709
turbot · Dec 29, 2023 · 84fb66b · 84fb66b
1 parent a1287da
commit 84fb66b
Show file tree

Hide file tree

Showing 2 changed files with 255 additions and 0 deletions.
diff --git a/azure/table_azure_sql_database.go b/azure/table_azure_sql_database.go
@@ -259,6 +259,13 @@ func tableAzureSqlDatabase(_ context.Context) *plugin.Table {
 				Hydrate:     listSqlDatabaseVulnerabilityAssessmentScans,
 				Transform:   transform.FromValue(),
 			},
+			{
+				Name:        "audit_policy",
+				Description: "The database blob auditing policy..",
+				Type:        proto.ColumnType_JSON,
+				Hydrate:     getSqlDatabaseBlobPolicies,
+				Transform:   transform.FromValue(),
+			},
 
 			// Steampipe standard columns
 			{
@@ -429,6 +436,130 @@ func getSqlDatabaseLongTermRetentionPolicies(ctx context.Context, d *plugin.Quer
 	return res[0], nil
 }
 
+func getSqlDatabaseBlobPolicies(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) {
+	database := h.Item.(sql.Database)
+	serverName := strings.Split(*database.ID, "/")[8]
+	databaseName := *database.Name
+	resourceGroupName := strings.Split(string(*database.ID), "/")[4]
+
+	session, err := GetNewSession(ctx, d, "MANAGEMENT")
+	if err != nil {
+		return nil, err
+	}
+	subscriptionID := session.SubscriptionID
+
+	client := sqlV5.NewDatabaseBlobAuditingPoliciesClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID)
+	client.Authorizer = session.Authorizer
+
+	op, err := client.ListByDatabase(ctx, resourceGroupName, serverName, databaseName)
+	if err != nil {
+		return nil, err
+	}
+
+	var blobPolicies []map[string]interface{}
+	for _, i := range op.Values() {
+		objectMap := make(map[string]interface{})
+		if i.ID != nil {
+			objectMap["id"] = i.ID
+		}
+		if i.Name != nil {
+			objectMap["name"] = i.Name
+		}
+		if i.Kind != nil {
+			objectMap["kind"] = i.Kind
+		}
+		if i.Type != nil {
+			objectMap["type"] = i.Type
+		}
+		if i.DatabaseBlobAuditingPolicyProperties != nil {
+			obMap := make(map[string]interface{})
+			if i.DatabaseBlobAuditingPolicyProperties.RetentionDays != nil {
+				obMap["retentionDays"] = i.DatabaseBlobAuditingPolicyProperties.RetentionDays
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.AuditActionsAndGroups != nil {
+				obMap["AuditActionsAndGroups"] = i.DatabaseBlobAuditingPolicyProperties.AuditActionsAndGroups
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled != nil {
+				obMap["isAzureMonitorTargetEnabled"] = i.DatabaseBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse != nil {
+				obMap["isStorageSecondaryKeyInUse"] = i.DatabaseBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.QueueDelayMs != nil {
+				obMap["queueDelayMs"] = i.DatabaseBlobAuditingPolicyProperties.QueueDelayMs
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.State != "" {
+				obMap["state"] = i.DatabaseBlobAuditingPolicyProperties.State
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.StorageEndpoint != nil {
+				obMap["storageEndpoint"] = i.DatabaseBlobAuditingPolicyProperties.StorageEndpoint
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.StorageAccountAccessKey != nil {
+				obMap["storageAccountAccessKey"] = i.DatabaseBlobAuditingPolicyProperties.StorageAccountAccessKey
+			}
+			if i.DatabaseBlobAuditingPolicyProperties.StorageAccountSubscriptionID != nil {
+				obMap["storageAccountSubscriptionID"] = i.DatabaseBlobAuditingPolicyProperties.StorageAccountSubscriptionID
+			}
+			objectMap["databaseBlobAuditingPolicyProperties"] = obMap
+		}
+
+		blobPolicies = append(blobPolicies, objectMap)
+	}
+
+	if op.NotDone() {
+		for _, i := range op.Values() {
+			objectMap := make(map[string]interface{})
+			if i.ID != nil {
+				objectMap["id"] = i.ID
+			}
+			if i.Name != nil {
+				objectMap["name"] = i.Name
+			}
+			if i.Kind != nil {
+				objectMap["kind"] = i.Kind
+			}
+			if i.Type != nil {
+				objectMap["type"] = i.Type
+			}
+			if i.DatabaseBlobAuditingPolicyProperties != nil {
+				obMap := make(map[string]interface{})
+				if i.DatabaseBlobAuditingPolicyProperties.RetentionDays != nil {
+					obMap["retentionDays"] = i.DatabaseBlobAuditingPolicyProperties.RetentionDays
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.AuditActionsAndGroups != nil {
+					obMap["AuditActionsAndGroups"] = i.DatabaseBlobAuditingPolicyProperties.AuditActionsAndGroups
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled != nil {
+					obMap["isAzureMonitorTargetEnabled"] = i.DatabaseBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse != nil {
+					obMap["isStorageSecondaryKeyInUse"] = i.DatabaseBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.QueueDelayMs != nil {
+					obMap["queueDelayMs"] = i.DatabaseBlobAuditingPolicyProperties.QueueDelayMs
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.State != "" {
+					obMap["state"] = i.DatabaseBlobAuditingPolicyProperties.State
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.StorageEndpoint != nil {
+					obMap["storageEndpoint"] = i.DatabaseBlobAuditingPolicyProperties.StorageEndpoint
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.StorageAccountAccessKey != nil {
+					obMap["storageAccountAccessKey"] = i.DatabaseBlobAuditingPolicyProperties.StorageAccountAccessKey
+				}
+				if i.DatabaseBlobAuditingPolicyProperties.StorageAccountSubscriptionID != nil {
+					obMap["storageAccountSubscriptionID"] = i.DatabaseBlobAuditingPolicyProperties.StorageAccountSubscriptionID
+				}
+				objectMap["databaseBlobAuditingPolicyProperties"] = obMap
+			}
+
+			blobPolicies = append(blobPolicies, objectMap)
+		}
+	}
+
+	return blobPolicies, nil
+}
+
 func listSqlDatabaseVulnerabilityAssessments(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) {
 	database := h.Item.(sql.Database)
 	serverName := strings.Split(*database.ID, "/")[8]

diff --git a/azure/table_azure_sql_server.go b/azure/table_azure_sql_server.go
@@ -159,6 +159,13 @@ func tableAzureSQLServer(_ context.Context) *plugin.Table {
 				Hydrate:     listSQLServerVirtualNetworkRules,
 				Transform:   transform.FromValue(),
 			},
+			{
+				Name:        "audit_policy",
+				Description: "The SQL server blob auditing policy..",
+				Type:        proto.ColumnType_JSON,
+				Hydrate:     getSQLServerBlobPolicies,
+				Transform:   transform.FromValue(),
+			},
 
 			// Steampipe standard columns
 			{
@@ -403,6 +410,123 @@ func getSQLServerSecurityAlertPolicy(ctx context.Context, d *plugin.QueryData, h
 	return securityAlertPolicies, nil
 }
 
+func getSQLServerBlobPolicies(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) {
+
+	server := h.Item.(sqlv3.Server)
+
+	session, err := GetNewSession(ctx, d, "MANAGEMENT")
+	if err != nil {
+		return nil, err
+	}
+	subscriptionID := session.SubscriptionID
+	resourceGroupName := strings.Split(string(*server.ID), "/")[4]
+
+	client := sql.NewServerBlobAuditingPoliciesClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID)
+	client.Authorizer = session.Authorizer
+
+	op, err := client.ListByServer(ctx, resourceGroupName, *server.Name)
+	if err != nil {
+		return nil, err
+	}
+
+	var blobPolicies []map[string]interface{}
+	for _, i := range op.Values() {
+		objectMap := make(map[string]interface{})
+		if i.ID != nil {
+			objectMap["id"] = i.ID
+		}
+		if i.Name != nil {
+			objectMap["name"] = i.Name
+		}
+		if i.Type != nil {
+			objectMap["type"] = i.Type
+		}
+		if i.ServerBlobAuditingPolicyProperties != nil {
+			obMap := make(map[string]interface{})
+			if i.ServerBlobAuditingPolicyProperties.RetentionDays != nil {
+				obMap["retentionDays"] = i.ServerBlobAuditingPolicyProperties.RetentionDays
+			}
+			if i.ServerBlobAuditingPolicyProperties.AuditActionsAndGroups != nil {
+				obMap["AuditActionsAndGroups"] = i.ServerBlobAuditingPolicyProperties.AuditActionsAndGroups
+			}
+			if i.ServerBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled != nil {
+				obMap["isAzureMonitorTargetEnabled"] = i.ServerBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled
+			}
+			if i.ServerBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse != nil {
+				obMap["isStorageSecondaryKeyInUse"] = i.ServerBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse
+			}
+			if i.ServerBlobAuditingPolicyProperties.QueueDelayMs != nil {
+				obMap["queueDelayMs"] = i.ServerBlobAuditingPolicyProperties.QueueDelayMs
+			}
+			if i.ServerBlobAuditingPolicyProperties.State != "" {
+				obMap["state"] = i.ServerBlobAuditingPolicyProperties.State
+			}
+			if i.ServerBlobAuditingPolicyProperties.StorageEndpoint != nil {
+				obMap["storageEndpoint"] = i.ServerBlobAuditingPolicyProperties.StorageEndpoint
+			}
+			if i.ServerBlobAuditingPolicyProperties.StorageAccountAccessKey != nil {
+				obMap["storageAccountAccessKey"] = i.ServerBlobAuditingPolicyProperties.StorageAccountAccessKey
+			}
+			if i.ServerBlobAuditingPolicyProperties.StorageAccountSubscriptionID != nil {
+				obMap["storageAccountSubscriptionID"] = i.ServerBlobAuditingPolicyProperties.StorageAccountSubscriptionID
+			}
+			objectMap["serverBlobAuditingPolicyProperties"] = obMap
+		}
+
+		blobPolicies = append(blobPolicies, objectMap)
+	}
+
+	if op.NotDone() {
+		for _, i := range op.Values() {
+			objectMap := make(map[string]interface{})
+			if i.ID != nil {
+				objectMap["id"] = i.ID
+			}
+			if i.Name != nil {
+				objectMap["name"] = i.Name
+			}
+			if i.Type != nil {
+				objectMap["type"] = i.Type
+			}
+			if i.ServerBlobAuditingPolicyProperties != nil {
+				obMap := make(map[string]interface{})
+				if i.ServerBlobAuditingPolicyProperties.RetentionDays != nil {
+					obMap["retentionDays"] = i.ServerBlobAuditingPolicyProperties.RetentionDays
+				}
+				if i.ServerBlobAuditingPolicyProperties.AuditActionsAndGroups != nil {
+					obMap["AuditActionsAndGroups"] = i.ServerBlobAuditingPolicyProperties.AuditActionsAndGroups
+				}
+				if i.ServerBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled != nil {
+					obMap["isAzureMonitorTargetEnabled"] = i.ServerBlobAuditingPolicyProperties.IsAzureMonitorTargetEnabled
+				}
+				if i.ServerBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse != nil {
+					obMap["isStorageSecondaryKeyInUse"] = i.ServerBlobAuditingPolicyProperties.IsStorageSecondaryKeyInUse
+				}
+				if i.ServerBlobAuditingPolicyProperties.QueueDelayMs != nil {
+					obMap["queueDelayMs"] = i.ServerBlobAuditingPolicyProperties.QueueDelayMs
+				}
+				if i.ServerBlobAuditingPolicyProperties.State != "" {
+					obMap["state"] = i.ServerBlobAuditingPolicyProperties.State
+				}
+				if i.ServerBlobAuditingPolicyProperties.StorageEndpoint != nil {
+					obMap["storageEndpoint"] = i.ServerBlobAuditingPolicyProperties.StorageEndpoint
+				}
+				if i.ServerBlobAuditingPolicyProperties.StorageAccountAccessKey != nil {
+					obMap["storageAccountAccessKey"] = i.ServerBlobAuditingPolicyProperties.StorageAccountAccessKey
+				}
+				if i.ServerBlobAuditingPolicyProperties.StorageAccountSubscriptionID != nil {
+					obMap["storageAccountSubscriptionID"] = i.ServerBlobAuditingPolicyProperties.StorageAccountSubscriptionID
+				}
+				objectMap["serverBlobAuditingPolicyProperties"] = obMap
+			}
+
+			blobPolicies = append(blobPolicies, objectMap)
+		}
+	}
+
+	return blobPolicies, nil
+}
+
 func getSQLServerAzureADAdministrator(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) {
 	plugin.Logger(ctx).Trace("getSQLServerAzureADAdministrator")
 	server := h.Item.(sqlv3.Server)