Skip to content

Commit dc071cc

Browse files
GeekMasherGeekMasher
committed
docs: Add Database docs
1 parent 5ae3636 commit dc071cc

File tree

1 file changed

+149
-10
lines changed

1 file changed

+149
-10
lines changed

ql/lib/codeql/bicep/frameworks/Microsoft/Databases.qll

Lines changed: 149 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -3,186 +3,325 @@ private import bicep
33
module Databases {
44
/**
55
* Base class for all database resources in Azure.
6+
* Provides common properties and methods for Azure database resources.
67
*/
78
abstract class DatabaseResource extends Resource {
89
/**
9-
* Returns the type of the database resource.
10+
* Returns the type of the database resource (e.g., sql, postgresql, etc).
1011
*/
1112
abstract string databaseType();
1213

14+
/**
15+
* Returns a string representation of the database resource.
16+
*/
1317
override string toString() { result = "DatabaseResource[" + this.databaseType() + "]" }
1418

19+
/**
20+
* Returns the properties object for the database resource.
21+
*/
1522
DatabaseProperties::Properties getProperties() { result = this.getProperty("properties") }
1623

24+
/**
25+
* Returns the version property of the database resource, if present.
26+
*/
1727
string version() {
1828
result = this.getProperties().getProperty("version").(StringLiteral).getValue()
1929
}
2030

31+
/**
32+
* Returns the sslEnforcement property of the database resource, if present.
33+
*/
2134
string sslEnforcement() {
2235
result = this.getProperties().getProperty("sslEnforcement").(StringLiteral).getValue()
2336
}
2437

38+
/**
39+
* Returns the infrastructureEncryption property of the database resource, if present.
40+
*/
2541
string infrastructureEncryption() {
2642
result = this.getProperties().getProperty("infrastructureEncryption").(StringLiteral).getValue()
2743
}
2844

45+
/**
46+
* Returns the minimalTlsVersion property of the database resource, if present.
47+
*/
2948
string minimalTlsVersion() {
3049
result = this.getProperties().getProperty("minimalTlsVersion").(StringLiteral).getValue()
3150
}
3251

52+
/**
53+
* Returns the storage profile for the database resource, if present.
54+
*/
3355
DatabaseProperties::StorageProfile getStorageProfile() {
3456
result = this.getProperties().getProperty("storageProfile")
3557
}
3658
}
3759

3860
/**
39-
* Azure SQL Database/Managed Instance
61+
* Represents an Azure SQL Database or Managed Instance resource.
4062
*/
4163
class SqlServers extends DatabaseResource, Resource {
64+
/**
65+
* Constructs an instance for Azure SQL Database/Managed Instance resources.
66+
*/
4267
SqlServers() { this.getResourceType().regexpMatch("^Microsoft.Sql/servers@.*") }
4368

69+
/**
70+
* Returns the type of the database resource ("sql").
71+
*/
4472
override string databaseType() { result = "sql" }
4573
}
4674

4775
/**
48-
* Azure Cosmos DB
76+
* Represents an Azure Cosmos DB account resource.
4977
*/
5078
class CosmosDBAccounts extends DatabaseResource, Resource {
79+
/**
80+
* Constructs an instance for Azure Cosmos DB account resources.
81+
*/
5182
CosmosDBAccounts() {
5283
this.getResourceType().regexpMatch("^Microsoft.DocumentDB/databaseAccounts@.*")
5384
}
5485

86+
/**
87+
* Returns the type of the database resource ("cosmosdb").
88+
*/
5589
override string databaseType() { result = "cosmosdb" }
5690

91+
/**
92+
* Returns the databaseAccountOfferType property of the Cosmos DB account.
93+
*/
5794
string databaseAccountOfferType() {
5895
result =
5996
this.getProperties().getProperty("databaseAccountOfferType").(StringLiteral).getValue()
6097
}
6198

99+
/**
100+
* Returns true if multiple write locations are enabled for the Cosmos DB account.
101+
*/
62102
boolean isEnableMultipleWriteLocations() {
63103
result = this.getProperties().getProperty("enableMultipleWriteLocations").(Boolean).getBool()
64104
}
65105

106+
/**
107+
* Returns the backup policy for the Cosmos DB account.
108+
*/
66109
DatabaseProperties::BackupPolicy getBackupPolicy() {
67110
result = this.getProperties().getProperty("backupPolicy")
68111
}
69112
}
70113

71114
/**
72-
* Azure Database for PostgreSQL
115+
* Represents an Azure Database for PostgreSQL server resource.
73116
*/
74117
class PostgreSQLServers extends DatabaseResource, Resource {
118+
/**
119+
* Constructs an instance for Azure Database for PostgreSQL server resources.
120+
*/
75121
PostgreSQLServers() {
76122
this.getResourceType().regexpMatch("^Microsoft.DBforPostgreSQL/servers@.*")
77123
}
78124

125+
/**
126+
* Returns the type of the database resource ("postgresql").
127+
*/
79128
override string databaseType() { result = "postgresql" }
80129
}
81130

82131
/**
83-
* Azure Database for MySQL
132+
* Represents an Azure Database for MySQL server resource.
84133
*/
85134
class MySQLServers extends DatabaseResource, Resource {
135+
/**
136+
* Constructs an instance for Azure Database for MySQL server resources.
137+
*/
86138
MySQLServers() { this.getResourceType().regexpMatch("^Microsoft.DBforMySQL/servers@.*") }
87139

140+
/**
141+
* Returns the type of the database resource ("mysql").
142+
*/
88143
override string databaseType() { result = "mysql" }
89144
}
90145

91146
/**
92-
* Azure Database for MariaDB
147+
* Represents an Azure Database for MariaDB server resource.
93148
*/
94149
class MariaDBServers extends DatabaseResource, Resource {
150+
/**
151+
* Constructs an instance for Azure Database for MariaDB server resources.
152+
*/
95153
MariaDBServers() { this.getResourceType().regexpMatch("^Microsoft.DBforMariaDB/servers@.*") }
96154

155+
/**
156+
* Returns the type of the database resource ("mariadb").
157+
*/
97158
override string databaseType() { result = "mariadb" }
98159
}
99160

100161
/**
101-
* Azure Data Lake Store Gen1
162+
* Represents an Azure Data Lake Store Gen1 account resource.
102163
*/
103164
class DataLakeStoreAccounts extends DatabaseResource, Resource {
165+
/**
166+
* Constructs an instance for Azure Data Lake Store Gen1 account resources.
167+
*/
104168
DataLakeStoreAccounts() {
105169
this.getResourceType().regexpMatch("^Microsoft.DataLakeStore/accounts@.*")
106170
}
107171

172+
/**
173+
* Returns the type of the database resource ("datalakestore").
174+
*/
108175
override string databaseType() { result = "datalakestore" }
109176
}
110177

111178
/**
112-
* Azure Cache for Redis
179+
* Represents an Azure Cache for Redis resource.
113180
*/
114181
class RedisCaches extends DatabaseResource, Resource {
182+
/**
183+
* Constructs an instance for Azure Cache for Redis resources.
184+
*/
115185
RedisCaches() { this.getResourceType().regexpMatch("^Microsoft.Cache/Redis@.*") }
116186

187+
/**
188+
* Returns the type of the database resource ("redis").
189+
*/
117190
override string databaseType() { result = "redis" }
118191
}
119192

120193
/**
121-
* Azure Data Explorer (Kusto)
194+
* Represents an Azure Data Explorer (Kusto) cluster resource.
122195
*/
123196
class KustoClusters extends DatabaseResource, Resource {
197+
/**
198+
* Constructs an instance for Azure Data Explorer (Kusto) cluster resources.
199+
*/
124200
KustoClusters() { this.getResourceType().regexpMatch("^Microsoft.Kusto/Clusters@.*") }
125201

202+
/**
203+
* Returns the type of the database resource ("kusto").
204+
*/
126205
override string databaseType() { result = "kusto" }
127206
}
128207

129208
/**
130-
* Azure Arc-enabled SQL Managed Instance
209+
* Represents an Azure Arc-enabled SQL Managed Instance resource.
131210
*/
132211
class ArcSqlManagedInstances extends DatabaseResource, Resource {
212+
/**
213+
* Constructs an instance for Azure Arc-enabled SQL Managed Instance resources.
214+
*/
133215
ArcSqlManagedInstances() {
134216
this.getResourceType().regexpMatch("^Microsoft.AzureArcData/sqlManagedInstances@.*")
135217
}
136218

219+
/**
220+
* Returns the type of the database resource ("arc-sql-managed-instance").
221+
*/
137222
override string databaseType() { result = "arc-sql-managed-instance" }
138223
}
139224

140225
module DatabaseProperties {
226+
/**
227+
* Represents the properties object for a database resource.
228+
*/
141229
class Properties extends Object {
142230
private Resource resource;
143231

232+
/**
233+
* Constructs a Properties object for the given resource.
234+
*/
144235
Properties() { this = resource.getProperty("properties") }
145236

237+
/**
238+
* Returns the underlying resource for these properties.
239+
*/
146240
Resource getResource() { result = resource }
147241
}
148242

243+
/**
244+
* Represents the backup object within database properties.
245+
*/
149246
class Backup extends Object {
150247
private Properties properties;
151248

249+
/**
250+
* Constructs a Backup object for the given properties.
251+
*/
152252
Backup() { this = properties.getProperty("backup") }
153253

254+
/**
255+
* Returns a string representation of the backup object.
256+
*/
154257
string toString() { result = "Backup" }
155258

259+
/**
260+
* Returns the geoRedundantBackup property of the backup object.
261+
*/
156262
string geoRedundantBackup() {
157263
result = this.getProperty("geoRedundantBackup").(StringLiteral).getValue()
158264
}
159265
}
160266

267+
/**
268+
* Represents the backup policy object within database properties.
269+
*/
161270
class BackupPolicy extends Object {
162271
private Properties properties;
163272

273+
/**
274+
* Constructs a BackupPolicy object for the given properties.
275+
*/
164276
BackupPolicy() { this = properties.getProperty("backupPolicy") }
165277

278+
/**
279+
* Returns a string representation of the backup policy object.
280+
*/
166281
string toString() { result = "BackupPolicy" }
167282

283+
/**
284+
* Returns the type of the backup policy.
285+
*/
168286
string getBackupPolicyType() { result = this.getProperty("type").(StringLiteral).getValue() }
169287

288+
/**
289+
* Returns the backupRetentionDays property of the backup policy.
290+
*/
170291
Expr getBackupRetentionDays() { result = this.getProperty("backupRetentionDays") }
171292

293+
/**
294+
* Returns the backupStorageRedundancy property of the backup policy.
295+
*/
172296
Expr getBackupStorageRedundancy() { result = this.getProperty("backupStorageRedundancy") }
173297
}
174298

299+
/**
300+
* Represents the storage profile object within database properties.
301+
*/
175302
class StorageProfile extends Object {
176303
private Properties properties;
177304

305+
/**
306+
* Constructs a StorageProfile object for the given properties.
307+
*/
178308
StorageProfile() { this = properties.getProperty("storageProfile") }
179309

310+
/**
311+
* Returns a string representation of the storage profile object.
312+
*/
180313
string toString() { result = "StorageProfile" }
181314

315+
/**
316+
* Returns the storageMB property of the storage profile.
317+
*/
182318
int storageMB() {
183319
result = this.getProperty("storageMB").(Number).getValue()
184320
}
185321

322+
/**
323+
* Returns the autoGrow property of the storage profile.
324+
*/
186325
string autoGrow() {
187326
result = this.getProperty("autoGrow").(StringLiteral).getValue()
188327
}

0 commit comments

Comments
 (0)