/**
 * Reports whether the storage account's firewall admits traffic from every network.
 *
 * <p>An account with no network rule set, or a rule set without a default action, is
 * reported as open to all networks. Otherwise the result is whether the default action
 * equals {@code DefaultAction.ALLOW}.
 *
 * @param inner the storage account
 * @return true if access allowed from all networks, false otherwise
 */
static boolean isAccessAllowedFromAllNetworks(final StorageAccountInner inner) {
    final boolean hasDefaultAction =
        inner.networkRuleSet() != null && inner.networkRuleSet().defaultAction() != null;
    // With nothing configured the account is reported as reachable from all networks.
    return !hasDefaultAction
        || inner.networkRuleSet().defaultAction().equals(DefaultAction.ALLOW);
}
/**
 * Reports whether the storage account's firewall admits traffic from every network.
 *
 * <p>An account with no network rule set, or a rule set without a default action, is
 * reported as open to all networks. Otherwise the result is whether the default action
 * equals {@code DefaultAction.ALLOW}.
 *
 * @param inner the storage account
 * @return true if access allowed from all networks, false otherwise
 */
static boolean isAccessAllowedFromAllNetworks(final StorageAccountInner inner) {
    final boolean hasDefaultAction =
        inner.networkRuleSet() != null && inner.networkRuleSet().defaultAction() != null;
    // With nothing configured the account is reported as reachable from all networks.
    return !hasDefaultAction
        || inner.networkRuleSet().defaultAction().equals(DefaultAction.ALLOW);
}
/**
 * Reports whether applications running on Azure can reach the storage account.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.AZURE_SERVICES}
 * value.
 *
 * @param inner the storage account
 * @return true if storage can be accessed from application running on azure, false otherwise
 */
static boolean canAccessFromAzureServices(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.AZURE_SERVICES.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Reports whether storage log entries are readable from any network.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.LOGGING} value.
 *
 * @param inner the storage account
 * @return true if storage log entries can be read from any network, false otherwise
 */
static boolean canReadLogEntriesFromAnyNetwork(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.LOGGING.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Reports whether storage metrics are readable from any network.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.METRICS} value.
 *
 * @param inner the storage account
 * @return true if storage metrics can be read from any network, false otherwise
 */
static boolean canReadMetricsFromAnyNetwork(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.METRICS.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Reports whether applications running on Azure can reach the storage account.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.AZURE_SERVICES}
 * value.
 *
 * @param inner the storage account
 * @return true if storage can be accessed from application running on azure, false otherwise
 */
static boolean canAccessFromAzureServices(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.AZURE_SERVICES.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Collects the resource ids of the subnets that have access to the storage account.
 *
 * <p>Null rules and rules without a virtual network resource id are skipped. The result is
 * a fresh list, empty when the account has no rule set or no virtual network rules.
 *
 * @param inner the storage account
 * @return list of subnet resource ids
 */
static List<String> networkSubnetsWithAccess(final StorageAccountInner inner) {
    final List<String> collected = new ArrayList<>();
    if (inner.networkRuleSet() == null
        || inner.networkRuleSet().virtualNetworkRules() == null) {
        return collected;
    }
    for (VirtualNetworkRule vnetRule : inner.networkRuleSet().virtualNetworkRules()) {
        if (vnetRule == null || vnetRule.virtualNetworkResourceId() == null) {
            continue;
        }
        collected.add(vnetRule.virtualNetworkResourceId());
    }
    return collected;
}
/**
 * Reports whether storage log entries are readable from any network.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.LOGGING} value.
 *
 * @param inner the storage account
 * @return true if storage log entries can be read from any network, false otherwise
 */
static boolean canReadLogEntriesFromAnyNetwork(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.LOGGING.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Reports whether storage metrics are readable from any network.
 *
 * <p>Returns true whenever the default action is not {@code DefaultAction.DENY}, which
 * includes a missing rule set or a missing default action. Under a DENY default it returns
 * true only if the parsed bypass set contains the lower-cased {@code Bypass.METRICS} value.
 *
 * @param inner the storage account
 * @return true if storage metrics can be read from any network, false otherwise
 */
static boolean canReadMetricsFromAnyNetwork(final StorageAccountInner inner) {
    final boolean deniedByDefault = inner.networkRuleSet() != null
        && inner.networkRuleSet().defaultAction() != null
        && inner.networkRuleSet().defaultAction().equals(DefaultAction.DENY);
    if (!deniedByDefault) {
        // No deny-by-default firewall is in effect, so no bypass entry is needed.
        return true;
    }
    final Set<String> bypassSet = parseBypass(inner.networkRuleSet().bypass());
    // NOTE(review): toLowerCase() follows the JVM default locale; confirm parseBypass
    // normalises its entries the same way so this lookup cannot miss.
    final String wantedEntry = Bypass.METRICS.toString().toLowerCase();
    return bypassSet.contains(wantedEntry);
}
/**
 * Collects the resource ids of the subnets that have access to the storage account.
 *
 * <p>Null rules and rules without a virtual network resource id are skipped. The result is
 * a fresh list, empty when the account has no rule set or no virtual network rules.
 *
 * @param inner the storage account
 * @return list of subnet resource ids
 */
static List<String> networkSubnetsWithAccess(final StorageAccountInner inner) {
    final List<String> collected = new ArrayList<>();
    if (inner.networkRuleSet() == null
        || inner.networkRuleSet().virtualNetworkRules() == null) {
        return collected;
    }
    for (VirtualNetworkRule vnetRule : inner.networkRuleSet().virtualNetworkRules()) {
        if (vnetRule == null || vnetRule.virtualNetworkResourceId() == null) {
            continue;
        }
        collected.add(vnetRule.virtualNetworkResourceId());
    }
    return collected;
}
/**
 * Collects the IP rule entries written as ranges that have access to the storage account.
 *
 * <p>An entry counts as a range solely because its text contains {@code "/"}; this method
 * performs no further CIDR validation. Null rules and rules without a value are skipped.
 *
 * @param inner the storage account
 * @return list of ip address ranges in cidr format
 */
static List<String> ipAddressRangesWithAccess(final StorageAccountInner inner) {
    final List<String> ranges = new ArrayList<>();
    if (inner.networkRuleSet() == null || inner.networkRuleSet().ipRules() == null) {
        return ranges;
    }
    for (IPRule ipRule : inner.networkRuleSet().ipRules()) {
        if (ipRule == null || ipRule.iPAddressOrRange() == null) {
            continue;
        }
        // The slash is what separates a range from a single address.
        if (ipRule.iPAddressOrRange().contains("/")) {
            ranges.add(ipRule.iPAddressOrRange());
        }
    }
    return ranges;
}
/**
 * Collects the IP rule entries written as single addresses that have access to the
 * storage account.
 *
 * <p>An entry counts as a single address solely because its text contains no {@code "/"};
 * this method does not check that the value is an IPv4 literal. Null rules and rules
 * without a value are skipped.
 *
 * @param inner the storage account
 * @return list of ip addresses
 */
static List<String> ipAddressesWithAccess(final StorageAccountInner inner) {
    final List<String> addresses = new ArrayList<>();
    if (inner.networkRuleSet() == null || inner.networkRuleSet().ipRules() == null) {
        return addresses;
    }
    for (IPRule ipRule : inner.networkRuleSet().ipRules()) {
        if (ipRule == null || ipRule.iPAddressOrRange() == null) {
            continue;
        }
        // Entries containing a slash are ranges and are excluded from this list.
        if (!ipRule.iPAddressOrRange().contains("/")) {
            addresses.add(ipRule.iPAddressOrRange());
        }
    }
    return addresses;
}
/**
 * Collects the IP rule entries written as single addresses that have access to the
 * storage account.
 *
 * <p>An entry counts as a single address solely because its text contains no {@code "/"};
 * this method does not check that the value is an IPv4 literal. Null rules and rules
 * without a value are skipped.
 *
 * @param inner the storage account
 * @return list of ip addresses
 */
static List<String> ipAddressesWithAccess(final StorageAccountInner inner) {
    final List<String> addresses = new ArrayList<>();
    if (inner.networkRuleSet() == null || inner.networkRuleSet().ipRules() == null) {
        return addresses;
    }
    for (IPRule ipRule : inner.networkRuleSet().ipRules()) {
        if (ipRule == null || ipRule.iPAddressOrRange() == null) {
            continue;
        }
        // Entries containing a slash are ranges and are excluded from this list.
        if (!ipRule.iPAddressOrRange().contains("/")) {
            addresses.add(ipRule.iPAddressOrRange());
        }
    }
    return addresses;
}
/**
 * Collects the IP rule entries written as ranges that have access to the storage account.
 *
 * <p>An entry counts as a range solely because its text contains {@code "/"}; this method
 * performs no further CIDR validation. Null rules and rules without a value are skipped.
 *
 * @param inner the storage account
 * @return list of ip address ranges in cidr format
 */
static List<String> ipAddressRangesWithAccess(final StorageAccountInner inner) {
    final List<String> ranges = new ArrayList<>();
    if (inner.networkRuleSet() == null || inner.networkRuleSet().ipRules() == null) {
        return ranges;
    }
    for (IPRule ipRule : inner.networkRuleSet().ipRules()) {
        if (ipRule == null || ipRule.iPAddressOrRange() == null) {
            continue;
        }
        // The slash is what separates a range from a single address.
        if (ipRule.iPAddressOrRange().contains("/")) {
            ranges.add(ipRule.iPAddressOrRange());
        }
    }
    return ranges;
}
} else { if (this.updateParameters.networkRuleSet() == null) { if (this.inner.networkRuleSet() == null) { if (createIfNotExists) { this.updateParameters.withNetworkRuleSet(new NetworkRuleSet()); clonedNetworkRuleSet.withDefaultAction(this.inner.networkRuleSet().defaultAction()); clonedNetworkRuleSet.withBypass(this.inner.networkRuleSet().bypass()); if (this.inner.networkRuleSet().virtualNetworkRules() != null) { clonedNetworkRuleSet.withVirtualNetworkRules(new ArrayList<VirtualNetworkRule>()); for (VirtualNetworkRule rule : this.inner.networkRuleSet().virtualNetworkRules()) { VirtualNetworkRule clonedRule = new VirtualNetworkRule() .withAction(rule.action()) if (this.inner.networkRuleSet().ipRules() != null) { clonedNetworkRuleSet.withIpRules(new ArrayList<IPRule>()); for (IPRule rule : this.inner.networkRuleSet().ipRules()) { IPRule clonedRule = new IPRule() .withAction(rule.action())
} else { if (this.updateParameters.networkRuleSet() == null) { if (this.inner.networkRuleSet() == null) { if (createIfNotExists) { this.updateParameters.withNetworkRuleSet(new NetworkRuleSet()); clonedNetworkRuleSet.withDefaultAction(this.inner.networkRuleSet().defaultAction()); clonedNetworkRuleSet.withBypass(this.inner.networkRuleSet().bypass()); if (this.inner.networkRuleSet().virtualNetworkRules() != null) { clonedNetworkRuleSet.withVirtualNetworkRules(new ArrayList<VirtualNetworkRule>()); for (VirtualNetworkRule rule : this.inner.networkRuleSet().virtualNetworkRules()) { VirtualNetworkRule clonedRule = new VirtualNetworkRule() .withAction(rule.action()) if (this.inner.networkRuleSet().ipRules() != null) { clonedNetworkRuleSet.withIpRules(new ArrayList<IPRule>()); for (IPRule rule : this.inner.networkRuleSet().ipRules()) { IPRule clonedRule = new IPRule() .withAction(rule.action())
NetworkRuleSet currentRuleSet = this.inner.networkRuleSet();
NetworkRuleSet currentRuleSet = this.inner.networkRuleSet();