def get_mysql_management_client(cli_ctx, **_):
from os import getenv
from azure.mgmt.rdbms.mysql import MySQLManagementClient
# Allow overriding resource manager URI using environment variable
# for testing purposes. Subscription id is also determined by environment
# variable.
rm_uri_override = getenv(RM_URI_OVERRIDE)
if rm_uri_override:
client_id = getenv(CLIENT_ID)
if client_id:
from azure.common.credentials import ServicePrincipalCredentials
credentials = ServicePrincipalCredentials(
client_id=client_id,
secret=getenv(CLIENT_SECRET),
tenant=getenv(TENANT_ID))
else:
from msrest.authentication import Authentication # pylint: disable=import-error
credentials = Authentication()
return MySQLManagementClient(
subscription_id=getenv(SUB_ID_OVERRIDE),
base_url=rm_uri_override,
credentials=credentials)
else:
# Normal production scenario.
return get_mgmt_service_client(cli_ctx, MySQLManagementClient)
def run(self,list_subscription_name,list_dbserver_type,subscription_id,client_id,client_tenant):
list_result = list()
for subscription_name in list_subscription_name:
print subscription_name
for dbserver_type in list_dbserver_type:
print dbserver_type
subscriptionid = subscription_id[subscription_name]
client = Client(base_url='http://localhost')
client_secret = client.keys.get_by_name(name='azure_stackstorm_secret', decrypt=True)
credentials = ServicePrincipalCredentials(client_id, client_secret.value, tenant=client_tenant, china=True)
if dbserver_type == "mysql":
dbserverclient = MySQLManagementClient(credentials, subscriptionid, base_url="https://management.chinacloudapi.cn")
if dbserver_type == "postgresql":
dbserverclient = PostgreSQLManagementClient(credentials, subscriptionid, base_url="https://management.chinacloudapi.cn")
if dbserver_type == "sqlserver":
dbserverclient = SqlManagementClient(credentials, subscriptionid, base_url="https://management.chinacloudapi.cn")
list_dict_resgroup_dbserver = self._list_all_dbserverserver(dbserverclient)
num = len(list_dict_resgroup_dbserver)
for n in range(0, num):
dict_resgroup_rules = dict()
list_rule =self._list_firewall_rule(dbserverclient,list_dict_resgroup_dbserver[n]["resource_group"],list_dict_resgroup_dbserver[n]["dbserver_name"])
dict_resgroup_rules["resource_group"] = list_dict_resgroup_dbserver[n]["resource_group"]
dict_resgroup_rules["dbserver_name"] = list_dict_resgroup_dbserver[n]["dbserver_name"]
dict_resgroup_rules["rule_name"] = list_rule
now_time = datetime.datetime.now().strftime("%y-%m-%d")
rule_num = len(dict_resgroup_rules["rule_name"])
for i in range(0, rule_num):
if dict_resgroup_rules["rule_name"][i].split('_')[0] == now_time:
result = self._delete_rule(dbserverclient,dict_resgroup_rules["resource_group"],dict_resgroup_rules["dbserver_name"],dict_resgroup_rules["rule_name"][i])
list_result.append(result)
return (True,list_result)
def run(self, args):
"""Run the remediation job.
:param args: List of arguments provided to the job.
:type args: list.
:returns: int
"""
params = self.parse(args[1])
credential = ClientSecretCredential(
client_id=os.environ.get("AZURE_CLIENT_ID"),
client_secret=os.environ.get("AZURE_CLIENT_SECRET"),
tenant_id=os.environ.get("AZURE_TENANT_ID"),
)
client = MySQLManagementClient(credential, params["subscription_id"])
return self.remediate(
client,
params["resource_group_name"],
params["mysql_server_name"],
)
def get_mysql_flexible_management_client(cli_ctx, **_):
from os import getenv
from azure.mgmt.rdbms.mysql_flexibleservers import MySQLManagementClient
# Allow overriding resource manager URI using environment variable
# for testing purposes. Subscription id is also determined by environment
# variable.
rm_uri_override = getenv(RM_URI_OVERRIDE)
if rm_uri_override:
client_id = getenv(AZURE_CLIENT_ID)
if client_id:
credentials = get_environment_credential()
else:
from msrest.authentication import Authentication # pylint: disable=import-error
credentials = Authentication()
return MySQLManagementClient(subscription_id=getenv(SUB_ID_OVERRIDE),
base_url=rm_uri_override,
credential=credentials)
# Normal production scenario.
return get_mgmt_service_client(cli_ctx, MySQLManagementClient)
def _get_resource_iterator(record_type, credentials,
sub_index, sub, tenant):
"""Return an appropriate iterator for ``record_type``.
Arguments:
record_type (str): Record type.
credentials (ServicePrincipalCredentials): Credentials.
sub_index (int): Subscription index (for logging only).
sub (Subscription): Subscription object.
tenant (str): Tenant ID (for logging only).
Returns:
msrest.paging.Paged: An Azure paging container for iterating
over a list of Azure resource objects.
"""
sub_id = sub.get('subscription_id')
if record_type == 'virtual_machine':
client = ComputeManagementClient(credentials, sub_id)
return client.virtual_machines.list_all()
if record_type == 'app_gateway':
client = NetworkManagementClient(credentials, sub_id)
return client.application_gateways.list_all()
if record_type == 'lb':
client = NetworkManagementClient(credentials, sub_id)
return client.load_balancers.list_all()
if record_type == 'nic':
client = NetworkManagementClient(credentials, sub_id)
return client.network_interfaces.list_all()
if record_type == 'nsg':
client = NetworkManagementClient(credentials, sub_id)
return client.network_security_groups.list_all()
if record_type == 'public_ip':
client = NetworkManagementClient(credentials, sub_id)
return client.public_ip_addresses.list_all()
if record_type == 'storage_account':
client = StorageManagementClient(credentials, sub_id)
return client.storage_accounts.list()
if record_type == 'resource_group':
client = ResourceManagementClient(credentials, sub_id)
return client.resource_groups.list()
if record_type == 'mysql_server':
client = MySQLManagementClient(credentials, sub_id)
return client.servers.list()
if record_type == 'web_apps':
client = WebSiteManagementClient(credentials, sub_id)
return client.web_apps.list()
# If control reaches here, there is a bug in this plugin. It means
# there is a value in record_types variable in _get_subscriptions
# that is not handled in the above if-statements.
_log.warning('Unrecognized record_type: %s; %s', record_type,
util.outline_az_sub(sub_index, sub, tenant))
return None