def _create_diagnostic_settings(cli_ctx, acr, workspace): from azure.mgmt.monitor import MonitorManagementClient from azure.mgmt.monitor.models import (DiagnosticSettingsResource, RetentionPolicy, LogSettings, MetricSettings) from azure.cli.core.commands.client_factory import get_mgmt_service_client client = get_mgmt_service_client(cli_ctx, MonitorManagementClient) def_retention_policy = RetentionPolicy(enabled=True, days=0) logs = [ LogSettings(enabled=True, category="ContainerRegistryRepositoryEvents", retention_policy=def_retention_policy), LogSettings(enabled=True, category="ContainerRegistryLoginEvents", retention_policy=def_retention_policy) ] metrics = [ MetricSettings(enabled=True, category="AllMetrics", retention_policy=def_retention_policy) ] parameters = DiagnosticSettingsResource(workspace_id=workspace, metrics=metrics, logs=logs) client.diagnostic_settings.create_or_update( resource_uri=acr.id, parameters=parameters, name=DEF_DIAG_SETTINGS_NAME_TEMPLATE.format(acr.name))
def create_diagnostic_setting(self, monitor_client, key_vault_id, key_vault_name, stg_account_id, log): """Creates a diagnostic setting :param monitor_client: Instance of the Azure StorageManagementClient. :param key_vault_id: The resource Id of the Key Vault. :param key_vault_name: Name of the Key Vault. :param stg_account_id: The Storage Account resource Id. :param log: Instance of Azure Monitor LogSettings :type monitor_client: object :type log: object :type key_vault_id: str :type key_vault_name: str :type stg_account_id: str :returns: None :rtype: None """ logging.info(" Creating a Diagnostic setting for key vault logs") logging.info( " executing monitor_client.diagnostic_settings.create_or_update" ) logging.info(f" resource_uri={key_vault_id}") logging.info(f" name={key_vault_name}") monitor_client.diagnostic_settings.create_or_update( resource_uri=key_vault_id, name=key_vault_name, parameters=DiagnosticSettingsResource( storage_account_id=stg_account_id, logs=[log], ), )
def test_remediate_success_with_stg(self): client_id = Mock() tenant_id = Mock() storage_client = Mock() keyvault_client = Mock() monitor_client = Mock() graph_client = Mock() credentials = Mock() log = LogSettings( category="AuditEvent", enabled=True, retention_policy=RetentionPolicy(enabled=True, days=180), ) action = EnableKeyVaultLogging() action.check_stg_account = Mock() action.create_diagnostic_setting = Mock() """ StorageAccountListResult = Mock() storage_accounts_list = [] storage_accounts_list.append(StorageAccountListResult) action.check_stg_account.return_value = storage_accounts_list """ action.check_stg_account.return_value = StorageAccount( id= "/subscriptions/d687b1a3-9b78-43b1-a17b-7de297fd1fce/resourceGroups/kshrutika-1/providers/Microsoft.Storage/storageAccounts/chss538f633keyvaultlogs", name="chss538f633keyvaultlogs", location="eastus", ) action.create_diagnostic_setting.return_value = DiagnosticSettingsResource( storage_account_id= "/subscriptions/d687b1a3-9b78-43b1-a17b-7de297fd1fce/resourceGroups/kshrutika-1/providers/Microsoft.Storage/storageAccounts/chss538f633keyvaultlogs", logs=[log], ) assert (action.remediate( client_id, tenant_id, keyvault_client, monitor_client, storage_client, graph_client, credentials, "resource_group", "key_vault_name", "region", "subscription_id", ) == 0) assert action.create_diagnostic_setting.call_count == 1
def create_diagnostics_settings(client, name, resource_uri, logs=None, metrics=None, event_hub=None, event_hub_rule=None, storage_account=None, workspace=None): from azure.mgmt.monitor.models import DiagnosticSettingsResource parameters = DiagnosticSettingsResource( storage_account_id=storage_account, workspace_id=workspace, event_hub_name=event_hub, event_hub_authorization_rule_id=event_hub_rule, metrics=metrics, logs=logs) return client.create_or_update(resource_uri=resource_uri, parameters=parameters, name=name)
def create_diagnostics_settings(client, name, resource_uri, logs=None, metrics=None, event_hub=None, event_hub_rule=None, storage_account=None, workspace=None, export_to_resource_specific=None): from azure.mgmt.monitor.models import DiagnosticSettingsResource from knack.util import CLIError if export_to_resource_specific and workspace is None: raise CLIError('usage error: --workspace and --export-to-specific-resource') parameters = DiagnosticSettingsResource(storage_account_id=storage_account, workspace_id=workspace, event_hub_name=event_hub, event_hub_authorization_rule_id=event_hub_rule, metrics=metrics, logs=logs, log_analytics_destination_type='Dedicated' if export_to_resource_specific else None) return client.create_or_update(resource_uri=resource_uri, parameters=parameters, name=name)