-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support resource health availability statuses #411
Merged
sathish-progress
merged 10 commits into
master
from
support-resource-health-availability-status
Aug 5, 2021
Merged
Changes from all commits
Commits
Show all changes
10 commits
Select commit
Hold shift + click to select a range
69d01c1
support resource health availability status(s)
sathish-progress ac291f9
unit test resource health availability status(s)
sathish-progress 84ccb77
integration test resource health availability status(s)
sathish-progress 17572cf
support doc for availability statuses
sathish-progress edbd51b
update readme
sathish-progress 7a2c2e2
Docs editing
IanMadd 77e97ad
Merge branch 'master' into support-resource-health-availability-status
sathish-progress 128a7c8
Merge branch 'master' into support-resource-health-availability-status
sathish-progress 73ede40
Merge branch 'master' into support-resource-health-availability-status
sathish-progress 20104a6
Merge branch 'master' of github.com:inspec/inspec-azure into support-…
sathish-progress File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
98 changes: 98 additions & 0 deletions
98
docs/resources/azure_resource_health_availability_status.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,98 @@ | ||
--- | ||
title: About the azure_resource_health_availability_status Resource | ||
platform: azure | ||
--- | ||
|
||
# azure_resource_health_availability_status | ||
|
||
Use the `azure_resource_health_availability_status` InSpec audit resource to test properties related to a Azure Resource Health availability status. | ||
|
||
## Azure REST API version, endpoint, and HTTP client parameters | ||
|
||
This resource interacts with api versions supported by the resource provider. | ||
The `api_version` can be defined as a resource parameter. | ||
If not provided, the latest version will be used. | ||
For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). | ||
|
||
Unless defined, `azure_cloud` global endpoint, and default values for the HTTP client will be used. | ||
For more information, refer to the resource pack [README](../../README.md). | ||
|
||
## Availability | ||
|
||
### Installation | ||
|
||
This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). | ||
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). | ||
|
||
## Syntax | ||
|
||
`resource_group`, `resource_type` and `name` are required parameters. | ||
|
||
```ruby | ||
describe azure_resource_health_availability_status(resource_group: 'AZURE_RESOURCE_GROUP', resource_type: 'AZURE_RESOURCE_TYPE', name: 'RESOURCE_NAME') do | ||
it { should exist } | ||
its('name') { should cmp 'current' } | ||
its('type') { should cmp 'Microsoft.ResourceHealth/AvailabilityStatuses' } | ||
its('location') { should cmp 'ukwest' } | ||
its('properties.availabilityState') { should cmp 'Available' } | ||
its('properties.reasonChronicity') { should cmp 'Persistent' } | ||
end | ||
``` | ||
|
||
## Parameters | ||
|
||
| Name | Description | | ||
|----------------|----------------------------------------------------------------------------------| | ||
| name | Name of the Azure resource to test. | | ||
| resource_group | Azure resource group that the targeted resource resides in. | | ||
| resource_type | Azure resource type of the targeted resource. | | ||
|
||
The parameter set should be provided for a valid query: | ||
- `resource_group`, `resource_type` and `name` | ||
|
||
## Properties | ||
|
||
| Property | Description | | ||
|-------------------------------|------------------------------------------------------------------| | ||
| id | Azure Resource Manager Identity for the availabilityStatuses resource. | | ||
| name | current. | | ||
| type | `Microsoft.ResourceHealth/AvailabilityStatuses`. | | ||
| location | Azure Resource Manager geo location of the resource. | | ||
| properties | Properties of availability state. | | ||
|
||
For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties). | ||
|
||
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/resourcehealth/availability-statuses/get-by-resource) for other properties available. | ||
Any attribute in the response may be accessed with the key names separated by dots (`.`). | ||
|
||
## Examples | ||
|
||
### Test availability status of a resource. | ||
|
||
```ruby | ||
describe azure_resource_health_availability_status(resource_group: 'AZURE_RESOURCE_GROUP', resource_type: 'AZURE_RESOURCE_TYPE', name: 'RESOURCE_NAME') do | ||
its('properties.availabilityState') { should eq 'Available' } | ||
end | ||
``` | ||
### Test the chronicity type of a resource. | ||
|
||
```ruby | ||
describe azure_resource_health_availability_status(resource_group: 'AZURE_RESOURCE_GROUP', resource_type: 'AZURE_RESOURCE_TYPE', name: 'RESOURCE_NAME') do | ||
its('properties.reasonChronicity') { should include 'Persistent' } | ||
end | ||
``` | ||
## Matchers | ||
|
||
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/). | ||
|
||
### exists | ||
```ruby | ||
# If a resource status is found it will exist | ||
describe azure_resource_health_availability_status(resource_group: 'AZURE_RESOURCE_GROUP', resource_type: 'AZURE_RESOURCE_TYPE', name: 'RESOURCE_NAME') do | ||
it { should exist } | ||
end | ||
``` | ||
|
||
## Azure Permissions | ||
|
||
Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test. |
88 changes: 88 additions & 0 deletions
88
docs/resources/azure_resource_health_availability_statuses.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
--- | ||
title: About the azure_resource_health_availability_statuses Resource | ||
platform: azure | ||
--- | ||
|
||
# azure_resource_health_availability_statuses | ||
|
||
Use the `azure_resource_health_availability_statuses` InSpec audit resource to test properties related to all Azure Availability Statuses for the subscription. | ||
|
||
## Azure REST API version, endpoint and http client parameters | ||
|
||
This resource interacts with api versions supported by the resource provider. | ||
The `api_version` can be defined as a resource parameter. | ||
If not provided, the latest version will be used. | ||
For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). | ||
|
||
Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used. | ||
For more information, refer to the resource pack [README](../../README.md). | ||
|
||
## Availability | ||
|
||
### Installation | ||
|
||
This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). | ||
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). | ||
|
||
## Syntax | ||
|
||
An `azure_resource_health_availability_statuses` resource block returns all Azure Availability Statuses within a Subscription. | ||
```ruby | ||
describe azure_resource_health_availability_statuses do | ||
#... | ||
end | ||
``` | ||
|
||
## Parameters | ||
|
||
## Properties | ||
|
||
|Property | Description | Filter Criteria<superscript>*</superscript> | | ||
|--------------------|--------------------------------------------------------------------------|-----------------| | ||
| ids | A list of the Azure Resource Manager Identity for the availabilityStatuses resources.| `id` | | ||
| names | current. | `name` | | ||
| types | Microsoft.ResourceHealth/AvailabilityStatuses. | `type` | | ||
| properties | A list of Properties of availability state. | `properties` | | ||
| locations | A list of Azure Resource Manager geo locations of the resource. | `location` | | ||
|
||
<superscript>*</superscript> For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md). | ||
|
||
## Examples | ||
|
||
### Loop through availability statuses by resource ID | ||
|
||
```ruby | ||
azure_resource_health_availability_statuses.ids.each do |id| | ||
describe azure_resource_health_availability_status(resource_id: id) do | ||
it { should exist } | ||
end | ||
end | ||
``` | ||
|
||
### Test that there are availability statuses that have an `Available` availability state | ||
|
||
```ruby | ||
describe azure_resource_health_availability_statuses.where{ properties.select{|prop| prop.availabilityState == 'Available' } } do | ||
it { should exist } | ||
end | ||
``` | ||
|
||
## Matchers | ||
|
||
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/). | ||
|
||
### exists | ||
```ruby | ||
# Should not exist if no availability statuses are present in the subscription | ||
describe azure_resource_health_availability_statuses do | ||
it { should_not exist } | ||
end | ||
|
||
# Should exist if the filter returns at least one availability status in the subscription | ||
describe azure_resource_health_availability_statuses do | ||
it { should exist } | ||
end | ||
``` | ||
## Azure Permissions | ||
|
||
Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
require 'azure_generic_resource' | ||
|
||
class AzureResourceHealthAvailabilityStatus < AzureGenericResource | ||
name 'azure_resource_health_availability_status' | ||
desc 'Retrieves and verifies availability status for a resource.' | ||
example <<-EXAMPLE | ||
describe azure_resource_health_availability_status(resource_group: 'large_vms', resource_type: '',name: 'DemoExpensiveVM') do | ||
it { should exist } | ||
end | ||
EXAMPLE | ||
|
||
def initialize(opts = {}) | ||
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash) | ||
|
||
resource_type = opts.delete(:resource_type) | ||
|
||
opts[:resource_provider] = specific_resource_constraint('Microsoft.ResourceHealth/availabilityStatuses/current', opts) | ||
opts[:resource_uri] = ['resourcegroups', opts[:resource_group], 'providers', resource_type, opts[:name], | ||
'providers', opts[:resource_provider]].join('/') | ||
opts[:add_subscription_id] = true | ||
super(opts, true) | ||
end | ||
|
||
def to_s | ||
super(AzureResourceHealthAvailabilityStatus) | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
require 'azure_generic_resources' | ||
|
||
class AzureResourceHealthAvailabilityStatuses < AzureGenericResources | ||
name 'azure_resource_health_availability_statuses' | ||
desc 'Retrieves and verifies all availability statuses for a resource group' | ||
example <<-EXAMPLE | ||
describe azure_resource_health_availability_statuses do | ||
it { should exist } | ||
end | ||
EXAMPLE | ||
|
||
def initialize(opts = {}) | ||
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash) | ||
|
||
opts[:resource_provider] = specific_resource_constraint('Microsoft.ResourceHealth/availabilityStatuses', opts) | ||
super(opts, true) | ||
|
||
return if failed_resource? | ||
|
||
table_schema = [ | ||
{ column: :ids, field: :id }, | ||
{ column: :names, field: :name }, | ||
{ column: :types, field: :type }, | ||
{ column: :properties, field: :properties }, | ||
{ column: :locations, field: :location }, | ||
] | ||
|
||
AzureGenericResources.populate_filter_table(:table, table_schema) | ||
end | ||
|
||
def to_s | ||
super(AzureResourceHealthAvailabilityStatuses) | ||
end | ||
end |
11 changes: 11 additions & 0 deletions
11
test/integration/verify/controls/azure_resource_health_availability_status.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
resource_group = input('resource_group', value: nil) | ||
storage_account = input('storage_account', value: nil) | ||
|
||
control 'azure availability status' do | ||
describe azure_resource_health_availability_status(resource_group: resource_group, resource_type: 'microsoft.storage/storageaccounts', name: storage_account) do | ||
it { should exist } | ||
its('location') { should eq 'ukwest' } | ||
its('properties.availabilityState') { should eq 'Available' } | ||
its('properties.reasonChronicity') { should eq 'Persistent' } | ||
end | ||
end |
6 changes: 6 additions & 0 deletions
6
test/integration/verify/controls/azure_resource_health_availability_statuses.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
control 'azure_resource_health_availability_statuses' do | ||
describe azure_resource_health_availability_statuses do | ||
it { should exist } | ||
its('locations') { should include 'ukwest' } | ||
end | ||
end |
12 changes: 12 additions & 0 deletions
12
test/unit/resources/azure_resource_health_availability_status_test.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
require_relative 'helper' | ||
require 'azure_resource_health_availability_status' | ||
|
||
class AzureResourceHealthAvailabilityStatusConstructorTest < Minitest::Test | ||
def test_empty_param_not_ok | ||
assert_raises(ArgumentError) { AzureResourceHealthAvailabilityStatus.new } | ||
end | ||
|
||
def test_resource_group_alone_not_ok | ||
assert_raises(ArgumentError) { AzureResourceHealthAvailabilityStatus.new(resource_group: 'large_vms') } | ||
end | ||
end |
12 changes: 12 additions & 0 deletions
12
test/unit/resources/azure_resource_health_availability_statuses_test.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
require_relative 'helper' | ||
require 'azure_resource_health_availability_statuses' | ||
|
||
class AzureResourceHealthAvailabilityStatusesConstructorTest < Minitest::Test | ||
def tag_value_not_ok | ||
assert_raises(ArgumentError) { AzureResourceHealthAvailabilityStatuses.new(tag_value: 'some_tag_value') } | ||
end | ||
|
||
def test_resource_id_alone_not_ok | ||
assert_raises(ArgumentError) { AzureResourceHealthAvailabilityStatuses.new(resource_id: 'some_id') } | ||
end | ||
end |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add more examples