AzSDK

2.8.1

Framework/Core/MetadataInfo/ControlsInfo.ps1

                                using namespace System.Management.Automation

Set-StrictMode -Version Latest 

class ControlsInfo: CommandBase

{    

    hidden [string] $ResourceTypeName

    hidden [string] $ResourceType

    hidden [bool] $BaslineControls

    hidden [PSObject] $ControlSettings

    hidden [string[]] $Tags = @();

    hidden [string[]] $ControlIds = @();

    ControlsInfo([string] $subscriptionId, [InvocationInfo] $invocationContext, [string] $resourceTypeName, [string] $resourceType, [string] $controlIds, [bool] $baslineControls, [string] $tags) : 

        Base($subscriptionId, $invocationContext)

    { 

        $this.ResourceTypeName = $resourceTypeName;

        $this.ResourceType = $resourceType;

        $this.BaslineControls = $baslineControls;

        if(-not [string]::IsNullOrEmpty($tags))

        {

            $this.Tags += $this.ConvertToStringArray($tags);

        }

        if(-not [string]::IsNullOrEmpty($controlIds))

        {

            $this.ControlIds += $this.ConvertToStringArray($controlIds);

        }

    }

    GetControlDetails() 

    {

        $resourcetypes = @() 

        $SVTConfig = @{} 

        # Filter Control for Resource Type / Resource Type Name

        #throw if user has set params for ResourceTypeName and ResourceType

        #Default value of ResourceTypeName is All.

        if($this.ResourceTypeName -ne [ResourceTypeName]::All -and -not [string]::IsNullOrWhiteSpace($this.ResourceType)){

            throw [SuppressedException] "Both the parameters 'ResourceTypeName' and 'ResourceType' contains values. You should use only one of these parameters."

        }

        if (-not [string]::IsNullOrEmpty($this.ResourceType)) 

        {

            $resourcetypes += ([SVTMapping]::Mapping |

                    Where-Object { $_.ResourceType -eq $this.ResourceType } | Select-Object JsonFileName)

        }

        elseif($this.ResourceTypeName -ne [ResourceTypeName]::All)

        {

            $resourcetypes += ([SVTMapping]::Mapping |

                    Where-Object { $_.ResourceTypeName -eq $this.ResourceTypeName } | Select-Object JsonFileName)

        }

        else

        {

            $resourcetypes += ([SVTMapping]::Mapping | Select-Object JsonFileName)

            $resourcetypes += ([SVTMapping]::SubscriptionMapping | Select-Object JsonFileName)

        }

        # Fetch control Setting data

        $this.ControlSettings = [ConfigurationManager]::LoadServerConfigFile("ControlSettings.json");

        # Filter control for baseline controls

        if($this.BaslineControls)

        {

            $baselineControls = $this.ControlSettings.BaselineControls

            $this.ControlIds += $baselineControls.ResourceTypeControlIdMappingList | Select ControlIds | ForEach-Object {  $_.ControlIds }

        }

        $resourcetypes | ForEach-Object{

                    $controls = [ConfigurationManager]::GetSVTConfig($_.JsonFileName); 

                    # Filter control for enable only            

                    $controls.Controls = ($controls.Controls | Where-Object { $_.Enabled -eq $true })

                    # Filter control for ControlId

                    if ([Helpers]::CheckMember($controls, "Controls") -and $this.ControlIds.Count -gt 0) 

                    {

                        $controls.Controls = ($controls.Controls | Where-Object { $this.ControlIds -contains $_.ControlId })

                    }

                    # Filter control for Tags

                    if ([Helpers]::CheckMember($controls, "Controls") -and $this.Tags.Count -gt 0) 

                    {

                        $controls.Controls = ($controls.Controls | Where-Object { ((Compare-Object $_.Tags $this.Tags -PassThru -IncludeEqual -ExcludeDifferent) | Measure-Object).Count -gt 0 })

                    }

                    if ([Helpers]::CheckMember($controls, "Controls") -and $controls.Controls.Count -gt 0)

                    {

                        $SVTConfig.Add($controls.FeatureName, $controls.Controls)

                    } 

                }

        if($SVTConfig.Keys.Count -gt 0)

        {

            $SVTConfig.Keys  | Foreach-Object {

                $this.PublishCustomMessage([Constants]::DoubleDashLine, [MessageType]::Info);

                $this.PublishCustomMessage([Constants]::SingleDashLine, [MessageType]::Info);

                $this.PublishCustomMessage("Control details of : " + $_);

                $this.PublishCustomMessage([Constants]::SingleDashLine, [MessageType]::Info);

                $SVTConfig[$_] | Foreach-Object {

                    $_.Description = $global:ExecutionContext.InvokeCommand.ExpandString($_.Description)

                    $_.Recommendation = $global:ExecutionContext.InvokeCommand.ExpandString($_.Recommendation)

                    $this.PublishCustomMessage([Helpers]::ConvertObjectToString(($_ | Select-Object -Property ControlID, Description, ControlSeverity,Rationale,Recommendation,Tags), $false));

                }

                $this.PublishCustomMessage([Constants]::SingleDashLine, [MessageType]::Info);

            }

        }

        else

        {

            $this.PublishCustomMessage([Constants]::SingleDashLine, [MessageType]::Info);

            $this.PublishCustomMessage("No controls have been found.");

            $this.PublishCustomMessage([Constants]::SingleDashLine, [MessageType]::Info);

        }

    }

}