AzSDK

2.8.1

Framework/Helpers/Constants.ps1

                                Set-StrictMode -Version Latest 

class Constants

{

    #All constant used across all modules Defined Here.

    static [string] $DoubleDashLine    = "================================================================================"

    static [string] $HashLine          = "################################################################################"

    static [string] $SingleDashLine    = "--------------------------------------------------------------------------------"

    static [string] $UnderScoreLineLine= "________________________________________________________________________________"

    static [string] $RemediationMsg = "** Next steps **`r`n" + 

"Look at the individual control evaluation status in the CSV file.`r`n" +

"        a) If the control has passed, no action is necessary.`r`n" +

"        b) If the control has failed, look at the control evaluation detail in the LOG file to understand why.`r`n" +

"        c) If the control status says 'Verify', it means that human judgement is required to determine the final control status. Look at the control evaluation output in the LOG file to make a determination.`r`n" +

"        d) If the control status says 'Manual', it means that AzSDK (currently) does not cover the control via automation OR AzSDK is not able to fetch the data. You need to manually implement/verify it.`r`n" +

"`r`nNote: The 'Recommendation' column in the CSV file provides basic (generic) guidance that can help you fix a failed control. You can also use standard Azure product documentation. You should carefully consider the implications of making the required change in the context of your application. `r`n"

    static [string] $OfflineModeWarning = "Running in offline policy mode. Commands will run against local JSON files!"

    #Constants for SVTs

    static [string] $ModuleStartHeading = [Constants]::DoubleDashLine +

    "`r`nStarting analysis: [FeatureName: {0}] [ResourceGroupName: {1}] [ResourceName: {2}] `r`n" + [Constants]::SingleDashLine

     static [string] $ModuleStartHeadingSub = [Constants]::DoubleDashLine +

    "`r`nStarting analysis: [FeatureName: {0}] [SubscriptionName: {1}] [SubscriptionId: {2}] `r`n" + [Constants]::SingleDashLine

    static [string] $AnalysingControlHeading =  "Checking: [{0}]-[{1}]"

    static [string] $AnalysingControlHeadingSub =  "Checking: [{0}]-[{1}]"

    static [string] $CompletedAnalysis = [Constants]::SingleDashLine + "`r`nCompleted analysis: [FeatureName: {0}] [ResourceGroupName: {1}] [ResourceName: {2}] `r`n" + [Constants]::DoubleDashLine

    static [string] $CompletedAnalysisSub = [Constants]::SingleDashLine + "`r`nCompleted analysis: [FeatureName: {0}] [SubscriptionName: {1}] [SubscriptionId: {2}] `r`n" + [Constants]::DoubleDashLine

    #Constants for Attestation

    static [string] $ModuleAttestStartHeading = [Constants]::DoubleDashLine +

    "`r`nInfo: Starting attestation [{3}/{4}]- [FeatureName: {0}] [ResourceGroupName: {1}] [ResourceName: {2}] `r`n" + [Constants]::SingleDashLine

     static [string] $ModuleAttestStartHeadingSub = [Constants]::DoubleDashLine +

    "`r`nInfo: Starting attestation - [FeatureName: {0}] [SubscriptionName: {1}] [SubscriptionId: {2}] `r`n" + [Constants]::SingleDashLine

    static [string] $CompletedAttestAnalysis = [Constants]::SingleDashLine + "`r`nCompleted attestation: [FeatureName: {0}] [ResourceGroupName: {1}] [ResourceName: {2}] `r`n" + [Constants]::DoubleDashLine

    static [string] $CompletedAttestAnalysisSub = [Constants]::SingleDashLine + "`r`nCompleted attestation: [FeatureName: {0}] [SubscriptionName: {1}] [SubscriptionId: {2}] `r`n" + [Constants]::DoubleDashLine

    static [string] $AzSdkModuleName = "AzSDK";

    static [string] $StateContainerName = "azsdk-controls-state"

    static [string] $CentralScanContainerName = "azsdk-scan-objects"

    static [string] $BaselineContainerName = "azsdk-controls-baseline"

    static [string] $CALogsContainerName= "azsdkexecutionlogs"

    static [string] $AzSdkAppFolderPath = $Env:LOCALAPPDATA + "\Microsoft\" + [Constants]::AzSdkModuleName

    static [string] $AzSdkLogFolderPath = $Env:LOCALAPPDATA + "\Microsoft\"

    static [string] $AzSdkTempFolderPath = $env:TEMP + "\" + [Constants]::AzSdkModuleName + "\"

    static [string] $ARMManagementUri = "https://management.azure.com/";    

    static [string] $VersionCheckMessage = "A newer version of AzSDK is available: Version {0} `r`nTo update, run the command below in a fresh PS window:`r`n" ;

    static [string] $VersionWarningMessage = ("Using the latest version ensures that AzSDK security commands you run use the latest, most up-to-date controls. `r`nResults from the current version should not be considered towards compliance requirements.`r`n" + [Constants]::DoubleDashLine);

    static [string] $UsageTelemetryKey = "cf4c5e1a-d68d-4ea1-9901-37b67f58a192";

    static [string] $AzSDKRGLocation = "eastus2";

    static [string] $OMSRequestURI = "https://management.azure.com/{0}?api-version=2015-03-20";

    static [string] $NewStorageSku = "Standard_GRS";

    #V1 alert RG name constant is temporary and added for backward compatibility

    static [string] $V1AlertRGName = "AzSDKAlertsRG";

    static [string] $AlertActionGroupName = "AzSDKAlertActionGroup"

    # Append recommendation when control require elevated permission

    static [string] $RequireOwnerPermMessage = "(The status for this control has been marked as 'Manual' because elevated (Co-Admin/Owner/Contributor) permission is required to check security configuration for this resource. You can re-run the control with the appropriate privilege.) "

    static [string] $OwnerAccessTagName = "OwnerAccess"

    static [string] $BlankSubscriptionId = "00000000-0000-0000-0000-000000000000"

    static [string] $BlankSubscriptionName = "AzSDK Empty Subscription"

    static [string] $BlankScope = "/subscriptions/00000000-0000-0000-0000-000000000000";

    static [string] $CentralRBACVersionTagName = "CentralRBACVersion"

    static [string] $DeprecatedRBACVersionTagName = "DeprecatedRBACVersion"

    static [string] $ARMPolicyConfigVersionTagName = "ARMPolicyConfigVersion"

    static [string] $AzSDKAlertsVersionTagName = "AzSDKAlertsVersion"

    static [string] $SecurityCenterConfigVersionTagName = "SecurityCenterConfigVersion"

    static [int] $DefaultControlExpiryInDays = 90

    static [void] SetAzSDKModuleName($moduleName)

    {

        if(-not [string]::IsNullOrWhiteSpace($moduleName))

        {

            [Constants]::AzSdkModuleName = $moduleName;

            [Constants]::AzSdkAppFolderPath = $Env:LOCALAPPDATA + "\Microsoft\" + [Constants]::AzSdkModuleName

            [Constants]::AzSdkTempFolderPath = $env:TEMP + "\" + [Constants]::AzSdkModuleName + "\"

        }

    }

}