Framework/Core/SVT/Services/DataLakeAnalytics.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
Set-StrictMode -Version Latest 
class DataLakeAnalytics: SVTBase
{       
    hidden [PSObject] $ResourceObject;

    DataLakeAnalytics([string] $subscriptionId, [string] $resourceGroupName, [string] $resourceName): 
        Base($subscriptionId, $resourceGroupName, $resourceName) 
    { 
        $this.GetResourceObject();
    }

    DataLakeAnalytics([string] $subscriptionId, [SVTResource] $svtResource): 
        Base($subscriptionId, $svtResource) 
    { 
        $this.GetResourceObject();
    }

    hidden [PSObject] GetResourceObject()
    {
        if (-not $this.ResourceObject) {
            $this.ResourceObject = Get-AzDataLakeAnalyticsAccount -Name $this.ResourceContext.ResourceName `
                                            -ResourceGroupName $this.ResourceContext.ResourceGroupName
            if(-not $this.ResourceObject)
            {
                throw ([SuppressedException]::new(("Resource '{0}' not found under Resource Group '{1}'" -f ($this.ResourceContext.ResourceName), ($this.ResourceContext.ResourceGroupName)), [SuppressedExceptionType]::InvalidOperation))
            }
        }
        return $this.ResourceObject;
    }
   
    hidden [ControlResult] CheckEncryptionAtRest([ControlResult] $controlResult)
    {   
        $defaultADLSAccount = Get-AzDataLakeStoreAccount -Name $this.ResourceObject.DefaultDataLakeStoreAccount -ResourceGroupName $this.ResourceContext.ResourceGroupName

        if($defaultADLSAccount)
        {
            $encryptionSettings = $defaultADLSAccount | Select-Object -Property EncryptionConfig, EncryptionState, EncryptionProvisioningState
            if($defaultADLSAccount.EncryptionState -eq [Microsoft.Azure.Management.DataLake.Store.Models.EncryptionState]::Enabled)
            {
                $controlResult.VerificationResult = [VerificationResult]::Passed;
            }
            else
            {
                $controlResult.VerificationResult = [VerificationResult]::Failed;
            }

            $controlResult.AddMessage("Encryption settings of default Data Lake Store account [$($this.ResourceObject.DefaultDataLakeStoreAccount)]", $encryptionSettings);    
        }
        else
        {
            $controlResult.AddMessage([MessageData]::new("We are not able to fetch the details of default Data Lake Store account [$($this.ResourceObject.DefaultDataLakeStoreAccount)]", [MessageType]::Error)); 
        
        }
        return $controlResult;
    }
}