/*******************************************************************************
* Copyright 2012-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use
* this file except in compliance with the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file.
* This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
* *****************************************************************************
*
* AWS Tools for Windows (TM) PowerShell (TM)
*
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Management.Automation;
using System.Text;
using Amazon.PowerShell.Common;
using Amazon.Runtime;
using Amazon.SecurityHub;
using Amazon.SecurityHub.Model;
namespace Amazon.PowerShell.Cmdlets.SHUB
{
///
/// Used to update the configuration related to Organizations. Can only be called from
/// a Security Hub administrator account.
///
[Cmdlet("Update", "SHUBOrganizationConfiguration", SupportsShouldProcess = true, ConfirmImpact = ConfirmImpact.Medium)]
[OutputType("None")]
[AWSCmdlet("Calls the AWS Security Hub UpdateOrganizationConfiguration API operation.", Operation = new[] {"UpdateOrganizationConfiguration"}, SelectReturnType = typeof(Amazon.SecurityHub.Model.UpdateOrganizationConfigurationResponse))]
[AWSCmdletOutput("None or Amazon.SecurityHub.Model.UpdateOrganizationConfigurationResponse",
"This cmdlet does not generate any output." +
"The service response (type Amazon.SecurityHub.Model.UpdateOrganizationConfigurationResponse) can be referenced from properties attached to the cmdlet entry in the $AWSHistory stack."
)]
public partial class UpdateSHUBOrganizationConfigurationCmdlet : AmazonSecurityHubClientCmdlet, IExecutor
{
#region Parameter AutoEnable
///
///
/// Whether to automatically enable Security Hub for new accounts in the organization.By default, this is false, and new accounts are not added automatically.To automatically enable Security Hub for new accounts, set this to true.
///
///
#if !MODULAR
[System.Management.Automation.Parameter(Position = 0, ValueFromPipelineByPropertyName = true, ValueFromPipeline = true)]
#else
[System.Management.Automation.Parameter(Position = 0, ValueFromPipelineByPropertyName = true, ValueFromPipeline = true, Mandatory = true)]
[System.Management.Automation.AllowNull]
#endif
[Amazon.PowerShell.Common.AWSRequiredParameter]
public System.Boolean? AutoEnable { get; set; }
#endregion
#region Parameter AutoEnableStandard
///
///
/// Whether to automatically enable Security Hub default
/// standards for new member accounts in the organization.By default, this parameter is equal to DEFAULT, and new member accounts
/// are automatically enabled with default Security Hub standards.To opt out of enabling default standards for new member accounts, set this parameter
/// equal to NONE.
///
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
[Alias("AutoEnableStandards")]
[AWSConstantClassSource("Amazon.SecurityHub.AutoEnableStandards")]
public Amazon.SecurityHub.AutoEnableStandards AutoEnableStandard { get; set; }
#endregion
#region Parameter Select
///
/// Use the -Select parameter to control the cmdlet output. The cmdlet doesn't have a return value by default.
/// Specifying -Select '*' will result in the cmdlet returning the whole service response (Amazon.SecurityHub.Model.UpdateOrganizationConfigurationResponse).
/// Specifying -Select '^ParameterName' will result in the cmdlet returning the selected cmdlet parameter value.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public string Select { get; set; } = "*";
#endregion
#region Parameter PassThru
///
/// Changes the cmdlet behavior to return the value passed to the AutoEnable parameter.
/// The -PassThru parameter is deprecated, use -Select '^AutoEnable' instead. This parameter will be removed in a future version.
///
[System.Obsolete("The -PassThru parameter is deprecated, use -Select '^AutoEnable' instead. This parameter will be removed in a future version.")]
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public SwitchParameter PassThru { get; set; }
#endregion
#region Parameter Force
///
/// This parameter overrides confirmation prompts to force
/// the cmdlet to continue its operation. This parameter should always
/// be used with caution.
///
[System.Management.Automation.Parameter(ValueFromPipelineByPropertyName = true)]
public SwitchParameter Force { get; set; }
#endregion
protected override void ProcessRecord()
{
this._AWSSignerType = "v4";
base.ProcessRecord();
var resourceIdentifiersText = FormatParameterValuesForConfirmationMsg(nameof(this.AutoEnable), MyInvocation.BoundParameters);
if (!ConfirmShouldProceed(this.Force.IsPresent, resourceIdentifiersText, "Update-SHUBOrganizationConfiguration (UpdateOrganizationConfiguration)"))
{
return;
}
var context = new CmdletContext();
// allow for manipulation of parameters prior to loading into context
PreExecutionContextLoad(context);
#pragma warning disable CS0618, CS0612 //A class member was marked with the Obsolete attribute
if (ParameterWasBound(nameof(this.Select)))
{
context.Select = CreateSelectDelegate(Select) ??
throw new System.ArgumentException("Invalid value for -Select parameter.", nameof(this.Select));
if (this.PassThru.IsPresent)
{
throw new System.ArgumentException("-PassThru cannot be used when -Select is specified.", nameof(this.Select));
}
}
else if (this.PassThru.IsPresent)
{
context.Select = (response, cmdlet) => this.AutoEnable;
}
#pragma warning restore CS0618, CS0612 //A class member was marked with the Obsolete attribute
context.AutoEnable = this.AutoEnable;
#if MODULAR
if (this.AutoEnable == null && ParameterWasBound(nameof(this.AutoEnable)))
{
WriteWarning("You are passing $null as a value for parameter AutoEnable which is marked as required. In case you believe this parameter was incorrectly marked as required, report this by opening an issue at https://github.com/aws/aws-tools-for-powershell/issues.");
}
#endif
context.AutoEnableStandard = this.AutoEnableStandard;
// allow further manipulation of loaded context prior to processing
PostExecutionContextLoad(context);
var output = Execute(context) as CmdletOutput;
ProcessOutput(output);
}
#region IExecutor Members
public object Execute(ExecutorContext context)
{
var cmdletContext = context as CmdletContext;
// create request
var request = new Amazon.SecurityHub.Model.UpdateOrganizationConfigurationRequest();
if (cmdletContext.AutoEnable != null)
{
request.AutoEnable = cmdletContext.AutoEnable.Value;
}
if (cmdletContext.AutoEnableStandard != null)
{
request.AutoEnableStandards = cmdletContext.AutoEnableStandard;
}
CmdletOutput output;
// issue call
var client = Client ?? CreateClient(_CurrentCredentials, _RegionEndpoint);
try
{
var response = CallAWSServiceOperation(client, request);
object pipelineOutput = null;
pipelineOutput = cmdletContext.Select(response, this);
output = new CmdletOutput
{
PipelineOutput = pipelineOutput,
ServiceResponse = response
};
}
catch (Exception e)
{
output = new CmdletOutput { ErrorResponse = e };
}
return output;
}
public ExecutorContext CreateContext()
{
return new CmdletContext();
}
#endregion
#region AWS Service Operation Call
private Amazon.SecurityHub.Model.UpdateOrganizationConfigurationResponse CallAWSServiceOperation(IAmazonSecurityHub client, Amazon.SecurityHub.Model.UpdateOrganizationConfigurationRequest request)
{
Utils.Common.WriteVerboseEndpointMessage(this, client.Config, "AWS Security Hub", "UpdateOrganizationConfiguration");
try
{
#if DESKTOP
return client.UpdateOrganizationConfiguration(request);
#elif CORECLR
return client.UpdateOrganizationConfigurationAsync(request).GetAwaiter().GetResult();
#else
#error "Unknown build edition"
#endif
}
catch (AmazonServiceException exc)
{
var webException = exc.InnerException as System.Net.WebException;
if (webException != null)
{
throw new Exception(Utils.Common.FormatNameResolutionFailureMessage(client.Config, webException.Message), webException);
}
throw;
}
}
#endregion
internal partial class CmdletContext : ExecutorContext
{
public System.Boolean? AutoEnable { get; set; }
public Amazon.SecurityHub.AutoEnableStandards AutoEnableStandard { get; set; }
public System.Func Select { get; set; } =
(response, cmdlet) => null;
}
}
}