AzSDK

2.2.0

Framework/Core/SVT/ServicesSecurityStatus.ps1

Set-StrictMode -Version Latest 
class ServicesSecurityStatus: SVTCommandBase
{
    [SVTResourceResolver] $Resolver = $null;

    ServicesSecurityStatus([string] $subscriptionId, [InvocationInfo] $invocationContext, [SVTResourceResolver] $resolver): 
        Base($subscriptionId, $invocationContext)
    { 
        if(-not $resolver)
        {
            throw [System.ArgumentException] ("The argument 'resolver' is null");
        }

        $this.Resolver = $resolver;
        $this.Resolver.LoadAzureResources();
    }

    hidden [SVTEventContext[]] RunAllControls()
    {
        [SVTEventContext[]] $result = @();
        $this.PublishCustomMessage("Number of resources found: $($this.Resolver.SVTResources.Count)");
        $nonAutomatedResources = [array] ($this.Resolver.SVTResources | Where-Object { $null -eq $_.ResourceTypeMapping });
        $automatedResources = [array] ($this.Resolver.SVTResources | Where-Object { $_.ResourceTypeMapping });
        
        $this.PublishCustomMessage("Number of resources for which security controls will be evaluated: $(($automatedResources | Measure-Object).Count)");

        if(($nonAutomatedResources | Measure-Object).Count -gt 0)
        {
            $this.PublishCustomMessage("Number of resources for which security controls will NOT be evaluated: $($nonAutomatedResources.Count)", [MessageType]::Warning);
        
            $nonAutomatedResTypes = [array] ($nonAutomatedResources | Select-Object -Property ResourceType -Unique);
            $this.PublishCustomMessage([MessageData]::new("Security controls are yet to be automated for the following service types: ", $nonAutomatedResTypes));

            $this.PublishAzSdkRootEvent([AzSdkRootEvent]::UnsupportedResources, $nonAutomatedResources); 
        }
        
        $totalResources = ($automatedResources | Measure-Object).Count;
        [int] $currentCount = 0;
        $automatedResources | ForEach-Object {
            try 
            {
                $currentCount += 1;
                if($totalResources -gt 1)
                {
                    $this.PublishCustomMessage("Checking resource [$currentCount/$totalResources]");
                }
                $svtClassName = $_.ResourceTypeMapping.ClassName;
                $svtObject = New-Object -TypeName $svtClassName -ArgumentList $this.SubscriptionContext.SubscriptionId, $_
                
                $this.SetSVTBaseProperties($svtObject);

                $result += $svtObject.EvaluateAllControls();

                # Register/Deregister all listeners to cleanup the memory
                [ListenerHelper]::RegisterListeners();
            }
            catch 
            {
                $this.CommandError($_);
            }   
        }

        return $result;
    }
}