Changed Storage account name (#41)

* Changed Storage account name * PLA-22317 - Changed the function name
vmware-samples · Jan 11, 2021 · 6cbdef4 · 6cbdef4
1 parent 6322dbe
commit 6cbdef4
Showing 1 changed file with 11 additions and 9 deletions.
diff --git a/remediation_worker/jobs/azure_sql_auditing_on_server/azure_sql_auditing_on_server.py b/remediation_worker/jobs/azure_sql_auditing_on_server/azure_sql_auditing_on_server.py
@@ -34,11 +34,11 @@
 logging.basicConfig(level=logging.INFO)
 
 
-def get_random_string(length, prefix):
-    letters = string.ascii_lowercase
-    random_str = "".join(random.choice(letters) for i in range(length))
-    prefix = "".join(i for i in prefix if i != "-")
-    result_str = prefix + random_str
+def generate_storage_account_name(prefix):
+    prefix = "".join(i for i in prefix if i.islower() or i.isdigit())
+    if len(prefix) >= 15:
+        prefix = str(prefix[:14])
+    result_str = prefix + "auditlogs"
     return result_str
 
 
@@ -57,7 +57,7 @@ def create_storage_account(
         account_name=name,
         parameters=create_params,
     )
-    return poller.result
+    return poller.result()
 
 
 def create_role_assignment(
@@ -127,10 +127,12 @@ def remediate(
     ):
         """Enable Server blob auditing policy for Azure SQL Server
         :param client: Instance of the Azure SqlManagementClient.
+        :param client_storage: Instance of the Azure StorageManagementClient.
         :param resource_group_name: The name of the resource group to which the SQL Server belongs.
         :param sql_server_name: The name of the SQL Server.
         :type resource_group_name: str.
         :type sql_server_name: str.
+        :type region: str.
         :returns: Integer signaling success or failure
         :rtype: int
         :raises: msrestazure.azure_exceptions.CloudError
@@ -159,7 +161,7 @@ def remediate(
             else:
                 principalId = server.identity.principal_id
 
-            stg_account_name = get_random_string(6, sql_server_name)
+            stg_account_name = generate_storage_account_name(sql_server_name)
             logging.info(f"Creating a storage account with name {stg_account_name}")
             logging.info("executing client_storage.storage_accounts.begin_create")
             logging.info(f"      resource_group_name={resource_group_name}")
@@ -221,7 +223,7 @@ def run(self, args):
             secret=os.environ.get("AZURE_CLIENT_SECRET"),
             tenant=os.environ.get("AZURE_TENANT_ID"),
         )
-        credentials1 = ClientSecretCredential(
+        credentials_stg = ClientSecretCredential(
             client_id=os.environ.get("AZURE_CLIENT_ID"),
             client_secret=os.environ.get("AZURE_CLIENT_SECRET"),
             tenant_id=os.environ.get("AZURE_TENANT_ID"),
@@ -231,7 +233,7 @@ def run(self, args):
             credentials, params["subscription_id"], base_url=None
         )
         client_storage = StorageManagementClient(
-            credentials1, params["subscription_id"]
+            credentials_stg, params["subscription_id"]
         )
         client_authorization = AuthorizationManagementClient(
             credentials, params["subscription_id"]