v3

Azure.Endpoints/ResourceGroup/ActivityLogReader.cs

@@ -1,37 +1,75 @@
+using Azure;
+using Azure.Monitor.Query;
+using Azure.Monitor.Query.Models;
 using Azure.ResourceManager;
+using Azure.ResourceManager.Resources;
 using Microsoft.Extensions.Logging;
+using ProperDI.Azure.Endpoints.ResourceGroup.Models;
 
-namespace ProperDI.Azure.Endpoints.ResourceGroup.LogLooker;
+namespace ProperDI.Azure.Endpoints.ResourceGroup;
 
 public interface IActivityLogReader
 {
-    Task Scan(CancellationToken cancellationToken);
+    Task ScanAppAsync(string appName, CancellationToken cancellationToken, QueryTimeRange? givenTimeRange);
+    Task ScanAllAsync(CancellationToken cancellationToken);
 }
 
-public class ActivityLogReader(
-    ILogger<ActivityLogReader> logger,
-    ArmClient armClient)
-    : IActivityLogReader
+public class ActivityLogReader : IActivityLogReader
 {
-    private readonly ILogger<ActivityLogReader> _logger = logger ?? throw new ArgumentNullException(nameof(logger));
-    private readonly ArmClient _armClient = armClient ?? throw new ArgumentNullException(nameof(armClient));
+    private readonly ILogger<ActivityLogReader> _logger;
+    private readonly ArmClient _armClient;
+    private readonly LogsQueryClient _logsQueryClient;
 
-    public async Task Scan(CancellationToken cancellationToken)
+    public ActivityLogReader(ILogger<ActivityLogReader> logger, ArmClient armClient, LogsQueryClient logsQueryClient)
     {
+        _logger = logger ?? throw new ArgumentNullException(nameof(logger));
+        _armClient = armClient ?? throw new ArgumentNullException(nameof(armClient));
+        _logsQueryClient = logsQueryClient ?? throw new ArgumentNullException(nameof(logsQueryClient));
+    }
+
+    public async Task ScanAppAsync(string appName, CancellationToken cancellationToken, QueryTimeRange? givenTimeRange = default)
+    {
+        var timeRange = givenTimeRange ?? new QueryTimeRange(DateTime.UtcNow.AddDays(-7), DateTime.UtcNow);
+        
         try
         {
             _logger.LogInformation("Scanning for resources");
-            var resp = await _armClient.GetDefaultSubscriptionAsync(cancellationToken);
-            _logger.LogInformation("Found default subscription {sub}", resp.Data.DisplayName);
+            await ScanLogsForAppActivityAsync();
         }
         catch (TaskCanceledException)
         {
             _logger.LogWarning("Task canceled");
         }
-        catch (System.Exception ex)
+        catch (Exception ex)
         {
             _logger.LogError(ex, "Http request failed");
             throw;
         }
-    } 
+    }
+
+    public async Task ScanAllAsync(CancellationToken cancellationToken)
+    {
+        throw new NotImplementedException();
+    }
+
+    public async Task ScanLogsForAppActivityAsync()
+    {
+    }
+
+
+    private async Task<SubscriptionResource> GetDefaultSubscriptionAsync(CancellationToken cancellationToken)
+    {
+        try
+        {
+            var sub = await _armClient.GetDefaultSubscriptionAsync(cancellationToken);
+
+            
+            return sub;
+        }
+        catch (Exception ex)
+        {
+            _logger.LogError(ex, "Failed to retrieve default subscription");
+            throw;
+        }
+    }
 }

Azure.Endpoints/ResourceGroup/Models/AppActivitySummary.cs

@@ -0,0 +1,3 @@
+namespace ProperDI.Azure.Endpoints.ResourceGroup.Models;
+
+public record AppActivitySummary(string AppName, string PermissionsExercised);

Azure.Endpoints/ResourceGroup/Models/TimeRange.cs

@@ -0,0 +1,3 @@
+namespace ProperDI.Azure.Endpoints.ResourceGroup.Models;
+
+public record TimeRange(DateTime Start, DateTime End);