Skip to content

Commit

Permalink
Merge pull request #517 from inspec/support-power-bi-gateways
Browse files Browse the repository at this point in the history
Support power bi gateways
  • Loading branch information
sathish-progress authored Nov 18, 2021
2 parents 2ce81e7 + 0d5d1bc commit d85bd56
Show file tree
Hide file tree
Showing 9 changed files with 300 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -216,6 +216,8 @@ The following is a list of static resources.
- [azure_postgresql_databases](docs/resources/azure_postgresql_databases.md)
- [azure_postgresql_server](docs/resources/azure_postgresql_server.md)
- [azure_postgresql_servers](docs/resources/azure_postgresql_servers.md)
- [azure_power_bi_gateway](docs/resources/azure_power_bi_gateway.md)
- [azure_power_bi_gateways](docs/resources/azure_power_bi_gateways.md)
- [azure_public_ip](docs/resources/azure_public_ip.md)
- [azure_redis_cache](docs/resources/azure_redis_cache.md)
- [azure_redis_caches](docs/resources/azure_redis_caches.md)
Expand Down
82 changes: 82 additions & 0 deletions docs/resources/azure_power_bi_gateway.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
---
title: About the azure_power_bi_gateway Resource
platform: azure
---

# azure_power_bi_gateway

Use the `azure_power_bi_gateway` InSpec audit resource to test the properties related to Azure Power BI gateway.

## Azure REST API version, Endpoint, and HTTP Client Parameters

This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).

Unless defined, `azure_cloud` global endpoint and default values for the HTTP client are used. For more information, refer to the resource pack [README](../../README.md).

## Availability

### Installation

This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).

## Syntax

`gateway_id` is a required parameter.

```ruby
describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
it { should exist }
end
```

## Parameters

`gateway_id` _(required)_

The gateway ID.

## Properties

| Property | Description |
|-------------------------------------|------------------------------------------------------------------|
| id | The gateway ID. |
| name | The gateway name. |
| type | The gateway type. |
| publicKey.exponent | The public key exponent. |
| publicKey.modulus | The public key modulus.

For properties applicable to all resources, such as `type`, `name`, `id`, and `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).

Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/power-bi/gateways/get-gateway) for other properties available.

## Examples

### Test that the Power BI gateway's exponent is `AQAB`

```ruby
describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
its('publicKey.exponent') { should eq 'AQAB' }
end
```

## Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/).

### exists

```ruby
# If the Azure Power BI gateway is found, it will exist
describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
it { should exist }
end
# if the Azure Power BI gateway is not found, it will not exist
describe azure_power_bi_gateway(gateway_id: 'GATEWAY_ID') do
it { should_not exist }
end
```

## Azure Permissions

Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `Dataset.Read.All` role on the Azure Power BI Workspace you wish to test.
88 changes: 88 additions & 0 deletions docs/resources/azure_power_bi_gateways.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
---
title: About the azure_power_bi_gateways Resource
platform: azure
---

# azure_power_bi_gateways

Use the `azure_power_bi_gateways` InSpec audit resource to test the properties related to all Azure Power BI gateways.

## Azure REST API version, Endpoint, and HTTP Client Parameters

This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).

Unless defined, `azure_cloud` global endpoint and default values for the HTTP client is used. For more information, refer to the resource pack [README](../../README.md).

## Availability

### Installation

This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).

## Syntax

An `azure_power_bi_gateways` resource block returns all Azure Power BI gateways.

```ruby
describe azure_power_bi_gateways do
#...
end
```

## Parameters

## Properties

|Property | Description | Filter Criteria<superscript>*</superscript> |
|--------------------------------|------------------------------------------------------------------------|------------------|
| ids | List of all gateway IDs. | `id` |
| names | List of all the gateway names. | `name` |
| types | List of all the gateway types. | `type` |
| exponents | List of all public key exponents. | `exponent` |
| modulus | List of all public key modulus. | `modulus` |


<superscript>*</superscript> For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/power-bi/Gateways/get-Gateways) for other available properties.

## Examples

### Loop through Power BI gateways by their IDs

```ruby
azure_power_bi_gateways.ids.each do |id|
describe azure_power_bi_gateway(gateway_id: id) do
it { should exist }
end
end
```

### Test to ensure all Power BI gateways exponent is `AQAB`

```ruby
describe azure_power_bi_gateways.where(exponent: 'AQAB') do
it { should exist }
end
```

## Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).

### exists

```ruby
# Should not exist if no Power BI gateways are present
describe azure_power_bi_gateways do
it { should_not exist }
end
# Should exist if the filter returns at least one Power BI gateways
describe azure_power_bi_gateways do
it { should exist }
end
```

## Azure Permissions

Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `Dataset.Read.All` role on the Azure Power BI Workspace you wish to test.
34 changes: 34 additions & 0 deletions libraries/azure_power_bi_gateway.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
require 'azure_generic_resource'

class AzurePowerBIGateway < AzureGenericResource
name 'azure_power_bi_gateway'
desc 'Retrieves and verifies the settings of a Azure Power BI Gateway'
example <<-EXAMPLE
describe azure_power_bi_gateway(gateway_id: '95a4871a-33a4-4f35-9eea-8ff006b4840b') do
it { should exist }
end
EXAMPLE

attr_reader :table

AUDIENCE = 'https://analysis.windows.net/powerbi/api'.freeze

def initialize(opts = {})
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

Validators.validate_parameters(resource_name: @__resource_name__, required: %i(gateway_id),
opts: opts)

opts[:name] = opts.delete(:gateway_id)
opts[:resource_uri] = "https://api.powerbi.com/v1.0/myorg/gateways/#{opts[:name]}"
opts[:audience] = AUDIENCE
opts[:add_subscription_id] = false
opts[:is_uri_a_url] = true
opts[:api_version] = 'v1.0'
super
end

def to_s
super(AzurePowerBIGateway)
end
end
39 changes: 39 additions & 0 deletions libraries/azure_power_bi_gateways.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
require 'azure_generic_resources'

class AzurePowerBIGateways < AzureGenericResources
name 'azure_power_bi_gateways'
desc 'Retrieves and verifies the settings of all Azure Power BI Gateways.'
example <<-EXAMPLE
describe azure_power_bi_gateways do
it { should exist }
end
EXAMPLE

AUDIENCE = 'https://analysis.windows.net/powerbi/api'.freeze

def initialize(opts = {})
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

opts[:resource_uri] = 'https://api.powerbi.com/v1.0/myorg/gateways'
opts[:audience] = AUDIENCE
opts[:add_subscription_id] = false
opts[:is_uri_a_url] = true
opts[:api_version] = 'v1.0'
super
return if failed_resource?

populate_filter_table_from_response
end

def to_s
super(AzurePowerBIGateways)
end

private

def populate_table
@resources.each do |resource|
@table << resource.merge(resource[:publicKey])
end
end
end
8 changes: 8 additions & 0 deletions test/integration/verify/controls/azure_power_bi_gateway.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
gateway_id = input(:gateway_id, value: '')
control 'Verify settings of a Power BI Dashboard' do
describe azure_power_bi_gateway(gateway_id: gateway_id) do
it { should exist }
its('type') { should eq 'Resource' }
its('publicKey.exponent') { should eq 'AQAB' }
end
end
7 changes: 7 additions & 0 deletions test/integration/verify/controls/azure_power_bi_gateways.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
control 'verify settings of Power BI Gateways' do
describe azure_power_bi_gateways do
it { should exist }
its('types') { should include 'Resource' }
its('exponents') { should include 'AQAB' }
end
end
17 changes: 17 additions & 0 deletions test/unit/resources/azure_power_bi_gateway_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
require_relative 'helper'
require 'azure_power_bi_gateway'

class AzurePowerBIGatewayConstructorTest < Minitest::Test
def test_empty_param_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateway.new }
end

# resource_provider should not be allowed.
def test_resource_provider_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateway.new(resource_provider: 'some_type') }
end

def test_resource_group_name_alone_ok
assert_raises(ArgumentError) { AzurePowerBIGateway.new(name: 'my-name', resource_group: 'test') }
end
end
23 changes: 23 additions & 0 deletions test/unit/resources/azure_power_bi_gateways_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
require_relative 'helper'

require 'azure_power_bi_gateways'

class AzurePowerBIGatewaysConstructorTest < Minitest::Test
# resource_type should not be allowed.

def test_resource_type_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateways.new(resource_provider: 'some_type') }
end

def tag_value_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateways.new(tag_value: 'some_tag_value') }
end

def tag_name_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateways.new(tag_name: 'some_tag_name') }
end

def test_name_not_ok
assert_raises(ArgumentError) { AzurePowerBIGateways.new(name: 'some_name') }
end
end

0 comments on commit d85bd56

Please sign in to comment.