Public/functions/New-DssConfig.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
function New-DssConfig {
    <#
    .SYNOPSIS
        Creates a New configuration for a security scan

    .PARAMETER SqlInstance
        SQL Server instance holding the databse to be used as the base for the configuration

    .PARAMETER SqlCredential
        A PSCredential object to connect to SqlInstance

    .PARAMETER Database
        Database to use as basis for config

    .PARAMETER UserConfig
        Switch to indicate you want a user based config

    .PARAMETER SchemaConfig
        Switch to indicate you want a Schema based config

    .PARAMETER ObjectConfig
        Switch to indicate you an Object based config

    .PARAMETER ConfigPath
        Where to save the generated config, if not specified it will go to STDOUT

    .PARAMETER ExcludeSystemObjects
        By default the object config does not include system objects. This switch overrides that and returns all objects

    .EXAMPLE
        New-DssConfig -SqlInstance local\instance1 -Database db1

        Generates all the config json for db1 on local\instance1

    .EXAMPLE
        New-DssConfig -SqlInstance local\instance1 -Database db1 -UserConfig

        Generates the User config json for db1 on local\instance1

    .EXAMPLE
        New-DssConfig -SqlInstance local\instance1 -Database db1 -UserConfig -SchemaConfig

        Generates the User and Schema config json for db1 on local\instance1
    #>

    [CmdletBinding(DefaultParameterSetName = "Default")]
    param (
        [string]$SqlInstance,
        [PSCredential]$SqlCredential,
        [string]$ConfigPath,
        [string]$Database,
        [switch]$UserConfig,
        [switch]$RoleConfig,
        [switch]$SchemaConfig,
        [switch]$ObjectConfig,
        [switch]$IncludeSystemObjects
    )
    begin {}
    process {}
    end {
        $configSwitch = $true
        if ($UserConfig -or $SchemaConfig -or $RoleConfig -or $ObjectConfig){
            $configSwitch = $false
        }
        if ($UserConfig -or $configSwitch) {
            Write-Verbose -Message "Fetching User config"
            $configUser = New-DssUserConfig -SqlInstance $SqlInstance -SqlCredential $SqlCredential -Database $Database
        } 
        if ($RoleConfig -or $configSwitch) {
            Write-Verbose -Message "Fetching Role config"
            $configRole = New-DssRoleConfig -SqlInstance $SqlInstance -SqlCredential $SqlCredential -Database $Database
        } 
        if ($SchemaConfig -or $configSwitch) {
            Write-Verbose -Message "Fetching Schema config"
            $configSchema = New-DssSchemaConfig -SqlInstance $SqlInstance -SqlCredential $SqlCredential -Database $Database
        } 
        if ($ObjectConfig -or $configSwitch) {
            Write-Verbose -Message "Fetching Object config"
            $configObject = New-DssObjectConfig -SqlInstance $SqlInstance -SqlCredential $SqlCredential -Database $Database -IncludeSystemObjects:$IncludeSystemObjects
        }

        $output = [PsCustomObject]@{
                    roles = $configRole
                    users = $configUser
                    schemas = $configSchema
                    objects = $configObject
        } 

        if ($ConfigPath -ne ''){
            $output | ConvertTo-Json -Depth 7 | Out-File $ConfigPath
        } else {
            $output
        }
    }
}