2017-03-02 10:11:18 +00:00
---
2017-12-12 18:20:22 +00:00
title: About the azure_resource_group_resource_counts Resource
2018-02-20 01:54:42 +00:00
platform: azure
2017-03-02 10:11:18 +00:00
---
2018-02-15 02:23:29 +00:00
# azure\_resource\_group\_resource\_counts
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Use the `azure_resource_group_resource_counts` InSpec audit resource to check the number of Azure resources in a resource group.
2017-03-02 10:11:18 +00:00
## Syntax
2017-12-12 18:20:22 +00:00
The name of the resource group is specified as a parameter on the resource:
2017-03-02 10:11:18 +00:00
2018-02-15 04:31:56 +00:00
describe azure_resource_group(name: 'MyResourceGroup') do
2018-02-15 18:24:21 +00:00
its('property') { should eq 'value' }
2018-02-15 04:31:56 +00:00
end
2017-03-02 10:11:18 +00:00
where
2018-02-15 18:24:21 +00:00
* `MyResourceGroup` is the name of the resource group being interrogated
2018-02-15 02:23:29 +00:00
* `property` is one a resource property
2017-03-02 10:11:18 +00:00
* `value` is the expected output from the matcher
2018-02-15 04:31:56 +00:00
## Examples
2018-02-19 13:42:52 +00:00
The following examples show how to use this InSpec audit resource:
2018-02-15 04:31:56 +00:00
2018-02-20 01:54:42 +00:00
### Ensure the Resource Group has the correct number of resources
2018-02-15 04:31:56 +00:00
describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
its('total') { should eq 7}
2018-02-15 18:24:21 +00:00
end
2018-02-15 04:31:56 +00:00
### Ensure that the Resource Group contains the correct resources
describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
its('total') { should eq 7 }
its('vm_count') { should eq 2 }
its('nic_count') { should eq 2 }
its('public_ip_count') { should eq 1 }
its('sa_count') { should eq 1 }
its('vnet_count') { should eq 1 }
end
<br>
2018-02-20 01:54:42 +00:00
## Parameters
* `group_name`, `name`
## Parameter Examples
2018-02-15 04:31:56 +00:00
The options that can be passed to the resource are as follows.
2018-02-20 01:54:42 +00:00
### group_name (required)
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this parameter to define the Azure Resource Group to be tested.
2018-02-15 04:31:56 +00:00
2018-02-20 01:54:42 +00:00
describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure') do
...
end
2018-02-15 04:31:56 +00:00
2018-02-20 01:54:42 +00:00
### name
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this parameter to define the name of the Azure resource to test.
2018-02-15 04:31:56 +00:00
2018-02-20 01:54:42 +00:00
describe azure_virtual_machine_data_disk(group_name: 'InSpec-Azure', name: 'Windows-Internal-VM') do
...
end
2017-12-12 18:20:22 +00:00
2018-02-20 03:09:51 +00:00
If both `group_name` and `name` is set then `name` takes priority
2017-12-12 18:20:22 +00:00
These options can also be set using the environment variables:
2018-02-19 13:42:52 +00:00
* `AZURE_RESOURCE_GROUP_NAME`
* `AZURE_RESOURCE_NAME`
2017-12-12 18:20:22 +00:00
When the options have been set as well as the environment variables, the environment variables take priority.
2018-02-19 13:42:52 +00:00
<br>
2018-02-20 01:54:42 +00:00
## Parameter Example
2017-03-02 10:11:18 +00:00
2018-02-20 01:54:42 +00:00
describe azure_generic_resource(group_name: 'Inspec-Azure', name: 'Linux-Internal-VM') do
its('location') { should eq 'westeurope' }
2018-02-15 02:23:29 +00:00
end
2017-12-12 18:20:22 +00:00
2018-02-15 04:31:56 +00:00
<br>
2017-12-12 18:20:22 +00:00
2018-02-15 02:23:29 +00:00
## Properties
2017-12-12 18:20:22 +00:00
2018-02-15 02:23:29 +00:00
* `name`, `location` ,`id`, `provisioning_state`, `subscription_id`, `total`, `nic_count`, `vm_count`, `extension_count`, `vnet_count`, `sa_count`, `public_ip_count`,`managed_disk_image_count`, `managed_disk_count`, `tag_count`
2017-12-12 18:20:22 +00:00
2018-02-15 02:23:29 +00:00
<br>
2017-03-02 10:11:18 +00:00
2018-02-15 02:23:29 +00:00
## Property Examples
2017-03-02 10:11:18 +00:00
2018-02-15 04:31:56 +00:00
This InSpec audit resource has the following properties:
2017-12-12 18:20:22 +00:00
### name
2018-02-19 13:42:52 +00:00
Tests the name of the resource group.
2017-12-12 18:20:22 +00:00
2018-02-19 13:42:52 +00:00
its('name') { should cmp 'Inspec-Azure' }
2018-02-15 04:31:56 +00:00
2017-12-12 18:20:22 +00:00
### location
2018-02-19 13:42:52 +00:00
Tests where in Azure the resource group is located.
2017-12-12 18:20:22 +00:00
2018-02-19 13:42:52 +00:00
its('location') { should cmp 'westeurope' }
2018-02-15 04:31:56 +00:00
2017-12-12 18:20:22 +00:00
### id
2018-02-19 13:42:52 +00:00
Tests the full qualified ID of the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
This takes the format: `/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>`.
2017-03-02 10:41:05 +00:00
2018-02-19 13:42:52 +00:00
its('id') { should cmp 'FQDN' }
2018-02-15 04:31:56 +00:00
### provisioning_state
2017-12-12 18:20:22 +00:00
2018-02-19 13:42:52 +00:00
Tests thehe provisioning state of the resource group.
2017-12-12 18:20:22 +00:00
2018-02-19 13:42:52 +00:00
its('provisioning_state') { should cmp 'Succeeded' }
2018-02-15 04:31:56 +00:00
2017-03-02 10:11:18 +00:00
### total
2018-02-19 13:42:52 +00:00
Tests the total number of resources in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
its('total') { should eq 13 }
2018-02-15 04:31:56 +00:00
### nic_count
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of network interface cards in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
it { should have_nics }
its('nic_count') { should eq 3 }
2018-02-15 04:31:56 +00:00
### vm_count
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of virtual machines in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
its('vm_count') { should eq 5 }
2018-02-15 04:31:56 +00:00
### vnet_count
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of virtual networks in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
its('vnet_count') { should eq 5 }
2018-02-15 04:31:56 +00:00
### sa_count
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of storage accounts in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
its('sa_count') { should eq 5 }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### public\_ip\_count
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of Public IP Addresses in the resource group.
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
its('public_ip_count') { should eq 5 }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### managed\_disk\_image\_count
2017-03-02 11:10:41 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of managed disk images that are in the resource group.
2017-03-02 11:10:41 +00:00
2018-02-20 03:09:51 +00:00
Managed disks are created from disk images and then attached to the machines. Generally, the images are created from a base image or a custom image (e.g., Packer)
2017-03-02 11:10:41 +00:00
2018-02-19 13:42:52 +00:00
its('managed_disk_image_count') { should eq 5 }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### managed\_disk\_count
2017-03-02 11:10:41 +00:00
2018-02-19 13:42:52 +00:00
Tests the number of managed disks in the resource group.
2017-03-02 11:10:41 +00:00
If a resource group contains one virtual machine with an OS disk and 2 data disks that are all Managed Disks, then the count would be 3.
2018-02-19 13:42:52 +00:00
its('managed_disk_count') { should eq 3 }
2018-02-15 02:23:29 +00:00
2018-02-15 04:31:56 +00:00
<br>
2018-02-15 02:23:29 +00:00
## Matchers
2018-02-19 13:42:52 +00:00
This resource has a number of special matchers that provide a simple way to test of a specific Azure Resoure Type exists in the resource group.
2018-02-15 02:23:29 +00:00
2018-02-19 13:42:52 +00:00
For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have_nics
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test if network interfaces exist.
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
it { should have_ncis }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have_vms
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test that virtual machines exist.
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
it { should have_vms }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have_extensions
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test for virtual machine extensions.
2018-02-15 02:23:29 +00:00
2018-02-19 13:42:52 +00:00
it { should have_extensions }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have_nsgs
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test that network security groups exist.
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
it { should have_nsgs }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have_vnets
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test that virtual networks exist.
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
it { should have_vnets }
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
### have\_managed\_disks
2018-02-15 04:31:56 +00:00
2018-02-19 13:42:52 +00:00
Use this matcher to test that managed disks exist.
2018-02-15 02:23:29 +00:00
2018-02-19 13:42:52 +00:00
it { should have_managed_disks }
2018-02-15 02:23:29 +00:00
2018-02-19 13:42:52 +00:00
### have\_managed\_disk\_images
Use this matcher to test that managed disk images exist.
it { should have_managed_disk_images }
### have_sas
Use this matcher to test that storage accounts exist.
it { should have_sas }
### have\_public\_ips
Use this matcher to test that public ips exist.
it { should have_public_ips }
2018-02-15 18:24:21 +00:00
2017-12-12 18:20:22 +00:00
## Tags
2018-02-20 03:09:51 +00:00
It is possible to test the tags that have been assigned to the resource. There are some properties for checking that a resource has tags, that it has the correct number of tags, and that the correct tags are assigned.
2017-03-02 10:11:18 +00:00
2018-02-15 02:23:29 +00:00
### have\_tags
2017-12-12 18:20:22 +00:00
This is a simple test to see if the machine has tags assigned to it or not.
2017-03-02 10:11:18 +00:00
2018-02-15 02:23:29 +00:00
it { should have_tags }
2017-03-02 10:11:18 +00:00
2018-02-15 02:23:29 +00:00
### tag\_count
2017-12-12 18:20:22 +00:00
Returns the number of tags that are assigned to the resource
2017-03-02 10:11:18 +00:00
2018-02-15 02:23:29 +00:00
its ('tag_count') { should eq 2 }
2017-03-02 10:11:18 +00:00
2017-12-12 18:20:22 +00:00
### tags
2017-03-02 10:11:18 +00:00
2017-12-12 18:20:22 +00:00
It is possible to check if a specific tag has been set on the resource.
2017-03-02 10:11:18 +00:00
2018-02-20 01:54:42 +00:00
its('tags') { should include 'owner' }
2017-12-12 18:20:22 +00:00
2018-02-15 02:23:29 +00:00
### xxx\_tag
2017-12-12 18:20:22 +00:00
2018-02-20 03:09:51 +00:00
To get the value of the tag, some properties are created from the tags themselves.
2017-12-12 18:20:22 +00:00
For example, if the following tag is set on a resource:
2018-02-20 01:54:42 +00:00
* owner: JG Jinglehimerschmidt
2017-12-12 18:20:22 +00:00
Then a property is available called `Owner_tag`.
2017-03-02 10:11:18 +00:00
2018-02-20 01:54:42 +00:00
its('owner_tag') { should cmp 'JG Jinglehimerschmidt' }
2017-03-02 10:11:18 +00:00
2017-12-12 18:20:22 +00:00
Note: The tag name is case sensitive which makes the test case sensitive. E.g. `owner_tag` does not equal `Owner_tag`.
2018-02-19 13:42:52 +00:00
<br>
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
## References
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
For more information on Azure Ruby SDK resources, see:
2017-03-02 10:11:18 +00:00
2018-02-19 13:42:52 +00:00
* [Azure Ruby SDK - Resources](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_resources)
* [Resource Group](https://github.com/chef/inspec/blob/fc990346f2438690f0ac36a9f6606e61574a79b8/test/azure/verify/controls/resource_group.rb)