Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adds MySQL Resources #213

Merged
merged 2 commits into from
Oct 23, 2019
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -115,17 +115,24 @@ The following resources are available in the InSpec Azure Resource Pack
- [azurerm_key_vault_secret](docs/resources/azurerm_key_vault_secret.md.erb)
- [azurerm_key_vault_secrets](docs/resources/azurerm_key_vault_secrets.md)
- [azurerm_key_vaults](docs/resources/azurerm_key_vaults.md.erb)
- [azurerm_locks](docs/resources/azurerm_locks.md.erb)
- [azurerm_management_group](docs/resources/azurerm_management_group.md.erb)
- [azurerm_management_groups](docs/resources/azurerm_management_groups.md.erb)
- [azurerm_monitor_activity_log_alert](docs/resources/azurerm_monitor_activity_log_alert.md.erb)
- [azurerm_monitor_activity_log_alerts](docs/resources/azurerm_monitor_activity_log_alerts.md.erb)
- [azurerm_monitor_log_profile](docs/resources/azurerm_monitor_log_profile.md.erb)
- [azurerm_monitor_log_profiles](docs/resources/azurerm_monitor_log_profiles.md.erb)
- [azurerm_mysql_database](docs/resources/azurerm_mysql_database.md.erb)
- [azurerm_mysql_databases](docs/resources/azurerm_mysql_databases.md.erb)
- [azurerm_mysql_server](docs/resources/azurerm_mysql_server.md.erb)
- [azurerm_mysql_servers](docs/resources/azurerm_mysql_servers.md.erb)
- [azurerm_network_security_group](docs/resources/azurerm_network_security_group.md.erb)
- [azurerm_network_security_groups](docs/resources/azurerm_network_security_groups.md.erb)
- [azurerm_network_watcher](docs/resources/azurerm_network_watcher.md.erb)
- [azurerm_network_watchers](docs/resources/azurerm_network_watchers.md.erb)
- [azurerm_resource_groups](docs/resources/azurerm_resource_groups.md.erb)
- [azurerm_role_definition](docs/resources/azurerm_role_definition.md.erb)
- [azurerm_role_definitions](docs/resources/azurerm_role_definitions.md.erb)
- [azurerm_security_center_policies](docs/resources/azurerm_security_center_policies.md.erb)
- [azurerm_security_center_policy](docs/resources/azurerm_security_center_policy.md.erb)
- [azurerm_sql_database](docs/resources/azurerm_sql_database.md.erb)
Expand All @@ -141,6 +148,9 @@ The following resources are available in the InSpec Azure Resource Pack
- [azurerm_virtual_machines](docs/resources/azurerm_virtual_machines.md.erb)
- [azurerm_virtual_network](docs/resources/azurerm_virtual_network.md.erb)
- [azurerm_virtual_networks](docs/resources/azurerm_virtual_networks.md.erb)
- [azurerm_webapp](docs/resources/azurerm_webapp.md.erb)
- [azurerm_webapps](docs/resources/azurerm_webapps.md.erb)


## Connectors

Expand Down
3 changes: 3 additions & 0 deletions docs/resource_creation_guide.md
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,9 @@ To determine which properties are available for a given resource, start by looki

## Create documentation in `docs/resources`
Once everything is working, documentation must be added for the resources that have been added. Copy similar resource documents in `docs/resources/` and edit them as appropriate. Include enough examples to give a good idea how the resource works. Make sure to include any special case examples that might exist.
After writing the documentation:
- Run `bundle exec rake docs:resource_links`
- Copy/Paste all display links in the Readme.md

## Create a pull request.
- Prior to creating a pull request, make user to do the following:
Expand Down
122 changes: 122 additions & 0 deletions docs/resources/azurerm_mysql_database.md.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,122 @@
---
title: About the azurerm_mysql_database Resource
platform: azure
---

# azurerm\_mysql\_database

Use the `azurerm_mysql_database` InSpec audit resource to test properties and configuration of
an Azure MySQL Database on a MySQL Server.
<br />

## Azure REST API version

This resource interacts with version `2017-12-01` of the Azure Management API. For more
information see the [Official Azure Documentation](https://docs.microsoft.com/en-us/rest/api/mysql/databases/get).

At the moment, there doesn't appear to be a way to select the version of the
Azure API docs. If you notice a newer version being referenced in the official
documentation please open an issue or submit a pull request using the updated
version.

## Availability

### Installation

This resource is available in the `inspec-azure` [resource
pack](https://www.inspec.io/docs/reference/glossary/#resource-pack). To use it, add the
following to your `inspec.yml` in your top-level profile:

depends:
inspec-azure:
git: https://github.com/inspec/inspec-azure.git

You'll also need to setup your Azure credentials; see the resource pack
[README](https://github.com/inspec/inspec-azure#inspec-for-azure).

### Version

This resource first became available in 1.6.0 of the inspec-azure resource pack.

## Syntax

The `resource_group`, `server_name` and `database_name` must be given as a parameter.

describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'order-db') do
it { should exist }
end

<br />

## Examples

If a MySQL Database is referenced with a valid `Resource Group`, `Server Name` and `Database name`

describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'order-db') do
it { should exist }
its('name') { should be 'order-db' }
end

If a MySQL Database is referenced with an invalid `Resource Group`, `Server Name` or `Database Name`

describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'invalid-db-name') do
it { should_not exist }
end
<br />

## Parameters

- `resource_group` - The resource Group to which the MySQL Server belongs.
- `server_name` - The unique name of the MySQL Server.
- `database_name` - The unique name of the MySQL Database.

## Attributes

- `id`
- `name`
- `type`
- `properties`

### id
Azure resource ID.

### name
SQL Server name, e.g. `customer-database`.

### type
The type of Resource, typically `Microsoft.DBforMySQL/servers/databases`.

### properties
A collection of additional configuration properties related to the MySQL Database, e.g. `collation`.

### Other Attributes

There are additional attributes that may be accessed that we have not
documented. Please take a look at the [Azure documentation](#-Azure-REST-API-version).
Any attribute in the response may be accessed with the key names separated by
dots (`.`).

The API may not always return keys that do not have any associated data. There
may be cases where the deeply nested property may not have the desired
attribute along your call chain. If you find yourself writing tests against
properties that may be nil, fork this resource pack and add an accessor to the
resource. Within that accessor you'll be able to guard against nil keys. Pull
requests are always welcome.

## Matchers

This InSpec audit resource has the following special matchers. For a full list of
available matchers, please visit our [Universal Matchers
page](https://www.inspec.io/docs/reference/matchers/).

### exists

describe azurerm_mysql_database(resource_group: 'my-rg', server_name: 'server-name-1', database_name: 'customer-db') do
it { should exist }
end

## Azure Permissions

Your [Service
Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal)
must be setup with a `contributor` role on the subscription you wish to test.
115 changes: 115 additions & 0 deletions docs/resources/azurerm_mysql_databases.md.erb
Original file line number Diff line number Diff line change
@@ -0,0 +1,115 @@
---
title: About the azurerm_mysql_databases Resource
platform: azure
---

# azurerm\_mysql\_databases

Use the `azurerm_mysql_databases` InSpec audit resource to test properties and configuration of Azure MySQL Databases.
<br />

## Azure REST API version

This resource interacts with version `2017-12-01` of the Azure Management API. For more
information see the [Official Azure Documentation](https://docs.microsoft.com/en-us/rest/api/mysql/databases/listbyserver).

At the moment, there doesn't appear to be a way to select the version of the
Azure API docs. If you notice a newer version being referenced in the official
documentation please open an issue or submit a pull request using the updated
version.

## Availability

### Installation

This resource is available in the `inspec-azure` [resource
pack](https://www.inspec.io/docs/reference/glossary/#resource-pack). To use it, add the
following to your `inspec.yml` in your top-level profile:

depends:
inspec-azure:
git: https://github.com/inspec/inspec-azure.git

You'll also need to setup your Azure credentials; see the resource pack
[README](https://github.com/inspec/inspec-azure#inspec-for-azure).

### Version

This resource first became available in 1.6.0 of the inspec-azure resource pack.

## Syntax

An `azurerm_mysql_databases` resource block returns all MySQL Databases on a MySQL Server, within a Rsource Group.

describe azurerm_mysql_databases(resource_group: ..., server_name: ...) do
...
end

<br />

## Examples

The following examples show how to use this InSpec audit resource.

### Check MySQL Databases are present

describe azurerm_mysql_databases(resource_group: 'resource-group-1', server_name: 'production') do
it { should exist }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This probably isn't an issue with this PR, but I was wondering whether there is a need for exist in plural resources. I believe the same thing could be achieved through it { should_not be_empty }.

its('names') { should include 'my-database-name' }
end
<br />

## Filter Criteria

* `azure_mysql_databases` resources are filterable on all available properties. Below are some examples.

### names

Filters the results to include only those databases that match the given
name. This is a string value.

describe azurerm_mysql_databases(resource_group: 'rg', server_name: 'server').where{ name.eql?('production-database') } do
it { should exist }
end

## Attributes

- `id`
- `name`
- `type`
- `properties`

### ids
Azure resource ID.

### names
SQL Database name, e.g. `my-sql-database`.

its('names') { should include 'my-sql-database' }

### type
The type of Resource, typically `Microsoft.Sql/servers/databases`.


### properties
A collection of additional configuration properties related to the MySQL Database, e.g. `collation`.

## Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers,
please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).

### exists

The control will pass if the filter returns at least one result. Use
`should_not` if you expect zero matches.

describe azurerm_mysql_databases do
it { should exist }
end

## Azure Permissions

Your [Service
Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal)
must be setup with a `contributor` role on the subscription you wish to test.
Loading