Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 21:23:29 +00:00
Code Issues Projects Releases Packages Wiki Activity

Refactors the azure_resource_group doc (#2692)

Browse source 
* Refactors the azure_resource_group doc

Signed-off-by: kagarmoe <kgarmoe@chef.io>
This commit is contained in:
Kimberly Garmoe 2018-02-19 05:42:52 -08:00 committed by Jared Quick
parent 8416c07a81
commit 4e71604ef5
1 changed files with 86 additions and 98 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

182
docs/resources/azure_resource_group.md.erb
View file

@ -4,7 +4,7 @@ title: About the azure_resource_group_resource_counts Resource
# azure\_resource\_group\_resource\_counts # azure\_resource\_group\_resource\_counts
Use the `azure_resource_group_resource_counts` InSpec audit resource to check the number of Azure resources in a resource group Use the `azure_resource_group_resource_counts` InSpec audit resource to check the number of Azure resources in a resource group.
## Syntax ## Syntax
@ -24,11 +24,7 @@ The options that can be passed to the resource are as follows.
## Examples ## Examples
The following examples show how to use this InSpec audit resource The following examples show how to use this InSpec audit resource:
Please refer the integration tests for more in depth examples:
- [Resource Group](../../test/integration/verify/controls/resource_group.rb)
### Test Resource Group has the correct number of resources ### Test Resource Group has the correct number of resources
@ -59,22 +55,24 @@ Use this parameter to define the Azure Resource Group to be tested.
example: MyResourceGroup example: MyResourceGroup
### name ### `name`
Use this parameter to define the name of the Azure resource to test Use this parameter to define the name of the Azure resource to test.
example: MyVM example: MyVM
If both `group_name` and `name` is set then `name` will take priority If both `group_name` and `name` is set then `name` will take priority.
These options can also be set using the environment variables: These options can also be set using the environment variables:
- `AZURE_RESOURCE_GROUP_NAME` * `AZURE_RESOURCE_GROUP_NAME`
- `AZURE_RESOURCE_NAME` * `AZURE_RESOURCE_NAME`
When the options have been set as well as the environment variables, the environment variables take priority. When the options have been set as well as the environment variables, the environment variables take priority.
### Parameter Example <br>
## Parameter Examples
describe azure_resource_group_resource_counts(name: 'ChefAutomate') do describe azure_resource_group_resource_counts(name: 'ChefAutomate') do
its('total') { should eq 7} its('total') { should eq 7}
@ -96,137 +94,144 @@ This InSpec audit resource has the following properties:
### name ### name
Returns the name of the resource group. Tests the name of the resource group.
its(name) { should cmp 'nugget' } its('name') { should cmp 'Inspec-Azure' }
### location ### location
Returns where in Azure the resource group is located. Tests where in Azure the resource group is located.
its(location) { should cmp 'us-west' } its('location') { should cmp 'westeurope' }
### id ### id
Returns the full qualified ID of the resource group. Tests the full qualified ID of the resource group.
This is in the format `/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>`. This takes the format: `/subscriptions/<SUBSCRIPTION_ID>/resourceGroups/<RESOURCE_GROUP_NAME>`.
its(id) { should cmp 'FQDN' } its('id') { should cmp 'FQDN' }
### provisioning_state ### provisioning_state
The provisioning state of the resource group. Tests thehe provisioning state of the resource group.
its(provisioning_state) { should cmp '????' } its('provisioning_state') { should cmp 'Succeeded' }
### subscription_id
Returns the subscription ID which contains the resource group.
This is derived from the `id`.
its(subscription_id) { should cmp '????' }
### total ### total
The total number of resources in the resource group Tests the total number of resources in the resource group.
its(total) { should eq 5 } its('total') { should eq 13 }
### nic_count ### nic_count
The number of network interface cards in the resource group Tests the number of network interface cards in the resource group.
its(nic_count) { should eq 2 } it { should have_nics }
its('nic_count') { should eq 3 }
### vm_count ### vm_count
The number of virtual machines in the resource group Tests the number of virtual machines in the resource group.
its(vm_count) { should eq 5 } its('vm_count') { should eq 5 }
### vnet_count ### vnet_count
The number of virtual networks in the resource group Tests the number of virtual networks in the resource group.
its(vnet_count) { should eq 5 } its('vnet_count') { should eq 5 }
### sa_count ### sa_count
The number of storage accounts in the resource group Tests the number of storage accounts in the resource group.
its(sa_count) { should eq 5 } its('sa_count') { should eq 5 }
### public_ip_count ### public\_ip\_count
The number of Public IP Addresses in the resource group Tests the number of Public IP Addresses in the resource group.
its(public_ip_count) { should eq 5 } its('public_ip_count') { should eq 5 }
### managed_disk_image_count ### managed\_disk\_image\_count
The number of managed disk images that are in the resource group. Tests the number of managed disk images that are in the resource group.
These are the items from which managed disks are created which are attached to machines. Generally the images are created from a base image or a custom image (e.g. Packer) These are the items from which managed disks are created which are attached to machines. Generally the images are created from a base image or a custom image (e.g. Packer).
its(managed_disk_image_count) { should eq 5 } its('managed_disk_image_count') { should eq 5 }
### managed_disk_count ### managed\_disk\_count
The number of managed disks in the resource group. Tests the number of managed disks in the resource group.
If a resource group contains one virtual machine with an OS disk and 2 data disks that are all Managed Disks, then the count would be 3. If a resource group contains one virtual machine with an OS disk and 2 data disks that are all Managed Disks, then the count would be 3.
its(managed_disk_count) { should eq 3 } its('managed_disk_count') { should eq 3 }
<br> <br>
## Matchers ## Matchers
This resource has a number of `have_xxxx` matchers that provide a simple way to test of a specific Azure Resoure Type exists in the resource group. This resource has a number of special matchers that provide a simple way to test of a specific Azure Resoure Type exists in the resource group.
### `have_nics` For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
Use this resource to test ` ### have_nics
Microsoft.Network/networkInterfaces`
### `have_vms` Use this matcher to test if network interfaces exist.
Use this resource to test `Microsoft.Compute/virtualMachines` it { should have_ncis }
### `have_extensions` ### have_vms
Use this resource to test `Microsoft.Compute/virtualMachines/extensions`` Use this matcher to test that virtual machines exist.
### `have_nsgs` it { should have_vms }
Use this resource to test `Microsoft.Network/networkSecurityGroups` ### have_extensions
### `have_vnets` Use this matcher to test for virtual machine extensions.
Use this resource to test `Microsoft.Network/virtualNetworks` it { should have_extensions }
### `have_managed_disks` ### have_nsgs
Use this resource to test `Microsoft.Compute/disks` Use this matcher to test that network security groups exist.
### `have_managed_disk_images` it { should have_nsgs }
Use this resource to test `Microsoft.Compute/images` ### have_vnets
### `have_sas` Use this matcher to test that virtual networks exist.
Use this resource to test `Microsoft.Storage/storageAccounts` it { should have_vnets }
### `have_public_ips` ### have\_managed\_disks
Use this resource to test `Microsoft.Network/publicIPAddresses` Use this matcher to test that managed disks exist.
With these methods the following tests are possible it { should have_managed_disks }
it { should have_nics } ### have\_managed\_disk\_images
it { should_not have_extensions }
Use this matcher to test that managed disk images exist.
it { should have_managed_disk_images }
### have_sas
Use this matcher to test that storage accounts exist.
it { should have_sas }
### have\_public\_ips
Use this matcher to test that public ips exist.
it { should have_public_ips }
## Tags ## Tags
@ -266,31 +271,14 @@ Then a property is available called `Owner_tag`.
Note: The tag name is case sensitive which makes the test case sensitive. E.g. `owner_tag` does not equal `Owner_tag`. Note: The tag name is case sensitive which makes the test case sensitive. E.g. `owner_tag` does not equal `Owner_tag`.
## Examples <br>
The following examples show how to use this InSpec audit resource
Please refer the integration tests for more in depth examples:
- [Resource Group](../../test/integration/verify/controls/resource_group.rb)
### Test Resource Group has the correct number of resources
describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
its('total') { should eq 7}
end
### Ensure that the Resource Group contains the correct resources
describe azure_resource_group_resource_counts(name: 'Inspec-Azure') do
its('total') { should eq 7 }
its('vm_count') { should eq 2 }
its('nic_count') { should eq 2 }
its('public_ip_count') { should eq 1 }
its('sa_count') { should eq 1 }
its('vnet_count') { should eq 1 }
end
## References ## References
- [Azure Ruby SDK - Resources](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_resources) For more information on Azure Ruby SDK resources, see:
* [Azure Ruby SDK - Resources](https://github.com/Azure/azure-sdk-for-ruby/tree/master/management/azure_mgmt_resources)
For more exaples on using these resource properties in tests, see:
* [Resource Group](https://github.com/chef/inspec/blob/fc990346f2438690f0ac36a9f6606e61574a79b8/test/azure/verify/controls/resource_group.rb)