From cf615eb837849c2fee9bb995ce0d2061cfb8c75a Mon Sep 17 00:00:00 2001 From: Sathish Date: Thu, 6 Jan 2022 23:59:09 +0530 Subject: [PATCH 1/7] support azure synapse workspace Signed-off-by: Sathish --- libraries/azure_synapse_workspace.rb | 22 +++++++++++++++++ libraries/azure_synapse_workspaces.rb | 35 +++++++++++++++++++++++++++ 2 files changed, 57 insertions(+) create mode 100644 libraries/azure_synapse_workspace.rb create mode 100644 libraries/azure_synapse_workspaces.rb diff --git a/libraries/azure_synapse_workspace.rb b/libraries/azure_synapse_workspace.rb new file mode 100644 index 000000000..16aab084b --- /dev/null +++ b/libraries/azure_synapse_workspace.rb @@ -0,0 +1,22 @@ +require 'azure_generic_resource' + +class AzureSynapseWorkspace < AzureGenericResource + name 'azure_synapse_workspace' + desc 'Retrieves and verifies the settings of an Azure Synapse Workspace.' + example <<-EXAMPLE + describe azure_synapse_workspace(resource_group: 'inspec-def-rg', name: 'synapse-ws') do + it { should exist } + end + EXAMPLE + + def initialize(opts = {}) + raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash) + + opts[:resource_provider] = specific_resource_constraint('Microsoft.Synapse/workspaces', opts) + super(opts, true) + end + + def to_s + super(AzureSynapseWorkspace) + end +end diff --git a/libraries/azure_synapse_workspaces.rb b/libraries/azure_synapse_workspaces.rb new file mode 100644 index 000000000..772851731 --- /dev/null +++ b/libraries/azure_synapse_workspaces.rb @@ -0,0 +1,35 @@ +require 'azure_generic_resources' + +class AzureSynapseWorkspaces < AzureGenericResources + name 'azure_synapse_workspaces' + desc 'Verifies settings for a collection of Azure Synapse Workspaces' + example <<-EXAMPLE + describe azure_synapse_workspaces do + it { should exist } + end + EXAMPLE + + def initialize(opts = {}) + raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash) + + opts[:resource_provider] = specific_resource_constraint('Microsoft.Synapse/workspaces', opts) + super(opts, true) + return if failed_resource? + + populate_filter_table_from_response + end + + def to_s + super(AzureSynapseWorkspaces) + end + + private + + def populate_table + @resources.each do |resource| + @table << resource.merge(resource[:properties]) + .merge(resource.dig(:properties, :defaultDataLakeStorage)) + .merge(resource.dig(:properties, :connectivityEndpoints)) + end + end +end From 7905156b638c384976ec0cdbedd8e340f7ce9ae8 Mon Sep 17 00:00:00 2001 From: Sathish Date: Thu, 6 Jan 2022 23:59:22 +0530 Subject: [PATCH 2/7] unit test azure synapse workspace Signed-off-by: Sathish --- .../resources/azure_synapse_workspace_test.rb | 17 +++++++++++++++ .../azure_synapse_workspaces_test.rb | 21 +++++++++++++++++++ 2 files changed, 38 insertions(+) create mode 100644 test/unit/resources/azure_synapse_workspace_test.rb create mode 100644 test/unit/resources/azure_synapse_workspaces_test.rb diff --git a/test/unit/resources/azure_synapse_workspace_test.rb b/test/unit/resources/azure_synapse_workspace_test.rb new file mode 100644 index 000000000..363ed161d --- /dev/null +++ b/test/unit/resources/azure_synapse_workspace_test.rb @@ -0,0 +1,17 @@ +require_relative 'helper' +require 'azure_synapse_workspace' + +class AzureSynapseWorkspaceConstructorTest < Minitest::Test + def test_empty_param_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspace.new } + end + + # resource_provider should not be allowed. + def test_resource_provider_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspace.new(resource_provider: 'some_type') } + end + + def test_resource_group_name_alone_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspace.new(resource_group: 'test') } + end +end diff --git a/test/unit/resources/azure_synapse_workspaces_test.rb b/test/unit/resources/azure_synapse_workspaces_test.rb new file mode 100644 index 000000000..ab3c80881 --- /dev/null +++ b/test/unit/resources/azure_synapse_workspaces_test.rb @@ -0,0 +1,21 @@ +require_relative 'helper' +require 'azure_synapse_workspaces' + +class AzureSynapseWorkspacesConstructorTest < Minitest::Test + # resource_type should not be allowed. + def test_resource_type_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspaces.new(resource_provider: 'some_type') } + end + + def tag_value_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspaces.new(tag_value: 'some_tag_value') } + end + + def tag_name_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspaces.new(tag_name: 'some_tag_name') } + end + + def test_name_not_ok + assert_raises(ArgumentError) { AzureSynapseWorkspaces.new(name: 'some_name') } + end +end From 2a23779193c88a4baf39e3d6c644a72e0b8a7d9f Mon Sep 17 00:00:00 2001 From: Sathish Date: Thu, 6 Jan 2022 23:59:29 +0530 Subject: [PATCH 3/7] integral test azure synapse workspace Signed-off-by: Sathish --- .../verify/controls/azure_synapse_workspace.rb | 14 ++++++++++++++ .../verify/controls/azure_synapse_workspaces.rb | 14 ++++++++++++++ 2 files changed, 28 insertions(+) create mode 100644 test/integration/verify/controls/azure_synapse_workspace.rb create mode 100644 test/integration/verify/controls/azure_synapse_workspaces.rb diff --git a/test/integration/verify/controls/azure_synapse_workspace.rb b/test/integration/verify/controls/azure_synapse_workspace.rb new file mode 100644 index 000000000..95a34430f --- /dev/null +++ b/test/integration/verify/controls/azure_synapse_workspace.rb @@ -0,0 +1,14 @@ +resource_group = input(:resource_group, value: '') +location = input(:location, value: '') +synapse_ws_name = input(:synapse_inspec_ws_name, value: '') + +control 'Verify settings of all Azure Synapse Workspaces' do + describe azure_synapse_workspace(resource_group: resource_group, name: synapse_ws_name) do + it { should exist } + its('name') { should eq synapse_ws_name } + its('location') { should eq location.downcase.gsub("\s", '') } + its('properties.provisioningState') { should eq 'Succeeded' } + its('properties.managedResourceGroupName') { should eq resource_group } + its('properties.sqlAdministratorLogin') { should eq 'login' } + end +end diff --git a/test/integration/verify/controls/azure_synapse_workspaces.rb b/test/integration/verify/controls/azure_synapse_workspaces.rb new file mode 100644 index 000000000..0524a3f40 --- /dev/null +++ b/test/integration/verify/controls/azure_synapse_workspaces.rb @@ -0,0 +1,14 @@ +resource_group = input(:resource_group, value: '') +location = input(:location, value: '') +synapse_ws_name = input(:synapse_inspec_ws_name, value: '') + +control 'Verify settings of all Azure Synapse Workspaces' do + describe azure_synapse_workspaces do + it { should exist } + its('names') { should include synapse_ws_name } + its('locations') { should include location.downcase.gsub("\s", '') } + its('provisioningStates') { should include 'Succeeded' } + its('managedResourceGroupNames') { should include resource_group } + its('sqlAdministratorLogins') { should include 'login' } + end +end From f224e6f3b1bf605ed46e5d2f81dfcdca62331526 Mon Sep 17 00:00:00 2001 From: Sathish Date: Thu, 6 Jan 2022 23:59:49 +0530 Subject: [PATCH 4/7] tf azure synapse workspace Signed-off-by: Sathish --- terraform/azure.tf | 19 +++++++++++++++++++ terraform/outputs.tf | 5 +++++ 2 files changed, 24 insertions(+) diff --git a/terraform/azure.tf b/terraform/azure.tf index beb50f970..9bbbc42c3 100644 --- a/terraform/azure.tf +++ b/terraform/azure.tf @@ -1556,4 +1556,23 @@ resource "azurerm_sql_managed_instance" "sql_instance_for_inspec" { azurerm_subnet_network_security_group_association.subnet_nsg, azurerm_subnet_route_table_association.route_table_assoc_inspec, ] +} + +resource "azurerm_synapse_workspace" "synapse_inspec_ws" { + name = "synapse-inspec-ws" + resource_group_name = azurerm_resource_group.rg.name + location = azurerm_resource_group.rg.location + storage_data_lake_gen2_filesystem_id = azurerm_storage_data_lake_gen2_filesystem.inspec_adls_gen2.id + sql_administrator_login = "sqladminuser" + sql_administrator_login_password = "H@Sh1CoR3!" + + aad_admin { + login = "AzureAD Admin" + object_id = "00000000-0000-0000-0000-000000000000" + tenant_id = "00000000-0000-0000-0000-000000000000" + } + + tags = { + Env = "inspec" + } } \ No newline at end of file diff --git a/terraform/outputs.tf b/terraform/outputs.tf index 86bcab8be..d6cdf4ad7 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf @@ -527,4 +527,9 @@ output "inspec_adls_dns_suffix" { output "inspec_sql_managed_instance_name" { description = "The SQL managed instance name" value = azurerm_sql_managed_instance.sql_instance_for_inspec.name +} + +output "synapse_inspec_ws_name" { + description = "Synapse Workspace Name" + value = azurerm_synapse_workspace.synapse_inspec_ws.name } \ No newline at end of file From 8e2e946db1f4b9d9886ad6b8267f8bdd9ef45f76 Mon Sep 17 00:00:00 2001 From: Sathish Date: Thu, 6 Jan 2022 23:59:58 +0530 Subject: [PATCH 5/7] document azure synapse workspace Signed-off-by: Sathish --- docs/resources/azure_synapse_workspace.md | 99 ++++++++++++++++++++++ docs/resources/azure_synapse_workspaces.md | 95 +++++++++++++++++++++ 2 files changed, 194 insertions(+) create mode 100644 docs/resources/azure_synapse_workspace.md create mode 100644 docs/resources/azure_synapse_workspaces.md diff --git a/docs/resources/azure_synapse_workspace.md b/docs/resources/azure_synapse_workspace.md new file mode 100644 index 000000000..44bb02577 --- /dev/null +++ b/docs/resources/azure_synapse_workspace.md @@ -0,0 +1,99 @@ +--- +title: About the azure_synapse_workspace Resource +platform: azure +--- + +# azure_synapse_workspace + +Use the `azure_synapse_workspace` InSpec audit resource to test properties related to an Azure Synapse Workspaces. + +## Azure REST API version, endpoint and http client parameters + +This resource interacts with api versions supported by the resource provider. +The `api_version` can be defined as a resource parameter. +If not provided, the latest version will be used. +For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). + +Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used. +For more information, refer to the resource pack [README](../../README.md). + +## Availability + +### Installation + +This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). +For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). + +## Syntax + +`name`, `resource_group` is a required parameter. + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } + its('type') { should eq 'Microsoft.SqlVirtualMachine/sqlVirtualMachineGroups' } + its('location') { should eq 'eastus' } +end +``` + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } +end +``` +## Parameters + +| Name | Description | +|----------------|----------------------------------------------------------------------------------| +| name | Name of the Azure Synapse Workspace to test. | +| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` | + +The parameter set should be provided for a valid query: +- `resource_group` and `name` + +## Properties + +| Property | Description | +|--------------------------|------------------------------------------------------------------| +| id | Resource Id. | +| name | Resource name. | +| type | Resource type. `Microsoft.Synapse/workspaces` | +| location | The Geo-location where the resource lives. | +| properties | The properties of the Synapse Workspaces. | +| properties.provisioningState | State of the resource. | + + +For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties). + +Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/synapse/workspaces/get) for other properties available. + +## Examples + +### Test that the Synapse Workspaces is provisioned successfully. + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + its('properties.provisioningState') { should eq 'Succeeded' } +end +``` + +## Matchers + +This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/). + +### exists + +```ruby +# If a Synapse Workspaces is found it will exist +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } +end +# if Synapse Workspaces is not found it will not exist +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should_not exist } +end +``` + +## Azure Permissions + +Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `reader` role on the subscription you wish to test. \ No newline at end of file diff --git a/docs/resources/azure_synapse_workspaces.md b/docs/resources/azure_synapse_workspaces.md new file mode 100644 index 000000000..d3ec6f16e --- /dev/null +++ b/docs/resources/azure_synapse_workspaces.md @@ -0,0 +1,95 @@ +--- +title: About the azure_synapse_workspaces Resource +platform: azure +--- + +# azure_synapse_workspaces + +Use the `azure_synapse_workspaces` InSpec audit resource to test properties related to all Azure Synapse Workspaces. + +## Azure REST API version, endpoint and http client parameters + +This resource interacts with api versions supported by the resource provider. +The `api_version` can be defined as a resource parameter. +If not provided, the latest version will be used. +For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). + +Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used. +For more information, refer to the resource pack [README](../../README.md). + +## Availability + +### Installation + +This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). +For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). + +## Syntax + +An `azure_synapse_workspaces` resource block returns all Azure Synapse Workspaces. + +```ruby +describe azure_synapse_workspaces do + #... +end +``` + +## Parameters +| Name | Description | +|----------------|----------------------------------------------------------------------------------| +| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` (Optional) | + +The parameter set optionally be provided for a valid query: +- `resource_group` + +## Properties + +|Property | Description | Filter Criteria* | +|--------------------------------|------------------------------------------------------------------------|------------------| +| ids | A list of resource IDs. | `id` | +| names | A list of resource Names. | `name` | +| types | A list of the resource types. | `type` | +| properties | A list of Properties for all the Synapse Workspaces. | `properties` | +| locations | A list of the Geo-locations. | `location` | +| provisioningStates | A list of provisioning states of the Synapse Workspaces. | `provisioningState`| + +* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md). + +## Examples + +### Loop through Synapse Workspaces by their names. + +```ruby +azure_synapse_workspaces.names.each do |name| + describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: name) do + it { should exist } + end +end +``` +### Test that there are Synapse Workspaces that are successfully provisioned. + +```ruby +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP').where(provisioningState: 'Succeeded') do + it { should exist } +end +``` + +## Matchers + +This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/). + +### exists + +```ruby +# Should not exist if no Synapse Workspaces are present +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do + it { should_not exist } +end +# Should exist if the filter returns at least one Synapse Workspaces +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do + it { should exist } +end +``` +## Azure Permissions + +Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `reader` role on the subscription you wish to test. \ No newline at end of file From 694bd45a575e35345a3b022925fa723432e631c5 Mon Sep 17 00:00:00 2001 From: Sathish Date: Fri, 7 Jan 2022 00:00:49 +0530 Subject: [PATCH 6/7] update docs for synapse workspace Signed-off-by: Sathish --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 2126c478f..5752fbe42 100644 --- a/README.md +++ b/README.md @@ -245,6 +245,8 @@ The following is a list of static resources. - [azure_subscriptions](docs/resources/azure_subscriptions.md) - [azure_synapse_notebook](docs/resources/azure_synapse_notebook.md) - [azure_synapse_notebooks](docs/resources/azure_synapse_notebooks.md) +- [azure_synapse_workspace](docs/resources/azure_synapse_workspace.md) +- [azure_synapse_workspaces](docs/resources/azure_synapse_workspaces.md) - [azure_virtual_machine](docs/resources/azure_virtual_machine.md) - [azure_virtual_machines](docs/resources/azure_virtual_machines.md) - [azure_virtual_machine_disk](docs/resources/azure_virtual_machine_disk.md) From 232708a9c6ca286f451f2c067537d8ccf33788b8 Mon Sep 17 00:00:00 2001 From: Ian Maddaus Date: Fri, 11 Mar 2022 14:32:19 -0500 Subject: [PATCH 7/7] doc edits Signed-off-by: Ian Maddaus --- .../resources/azure_synapse_workspace.md | 103 ++++++++++++++++ .../resources/azure_synapse_workspaces.md | 113 ++++++++++++++++++ .../resources/azure_synapse_workspace.md | 99 --------------- .../resources/azure_synapse_workspaces.md | 95 --------------- 4 files changed, 216 insertions(+), 194 deletions(-) create mode 100644 docs-chef-io/content/inspec/resources/azure_synapse_workspace.md create mode 100644 docs-chef-io/content/inspec/resources/azure_synapse_workspaces.md delete mode 100644 docs-chef-io/resources/azure_synapse_workspace.md delete mode 100644 docs-chef-io/resources/azure_synapse_workspaces.md diff --git a/docs-chef-io/content/inspec/resources/azure_synapse_workspace.md b/docs-chef-io/content/inspec/resources/azure_synapse_workspace.md new file mode 100644 index 000000000..a7f274b03 --- /dev/null +++ b/docs-chef-io/content/inspec/resources/azure_synapse_workspace.md @@ -0,0 +1,103 @@ ++++ +title = "azure_synapse_workspace Resource" +platform = "azure" +draft = false +gh_repo = "inspec-azure" + +[menu.inspec] +title = "azure_synapse_workspace" +identifier = "inspec/resources/azure/azure_synapse_workspace Resource" +parent = "inspec/resources/azure" ++++ + +Use the `azure_synapse_workspace` InSpec audit resource to test properties related to an Azure Synapse workspace. + +## Azure REST API Version, Endpoint, and HTTP Client Parameters + +{{% inspec_azure_common_parameters %}} + +## Installation + +{{% inspec_azure_install %}} + +## Syntax + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } + its('type') { should eq 'Microsoft.SqlVirtualMachine/sqlVirtualMachineGroups' } + its('location') { should eq 'eastus' } +end +``` + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } +end +``` + +## Parameters + +`name` _(required)_ +: Name of the Azure Synapse workspace to test. + +`resource_group` _(required)_ +: Azure resource group that the targeted resource resides in. + +## Properties + +`id` +: Resource Id. + +`name` +: Resource name. + +`type` +: Resource type. `Microsoft.Synapse/workspaces`. + +`location` +: The Geo-location where the resource lives. + +`properties` +: The properties of the Synapse workspaces. + +`properties.provisioningState` +: State of the resource. + + +For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`]({{< relref "azure_generic_resource.md#properties" >}}). + +Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/synapse/workspaces/get) for other properties available. + +## Examples + +**Test that the Synapse workspaces is provisioned successfully.** + +```ruby +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + its('properties.provisioningState') { should eq 'Succeeded' } +end +``` + +## Matchers + +{{% inspec_matchers_link %}} + +### exists + +```ruby +# If a Synapse workspaces is found it will exist + +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should exist } +end +# if Synapse workspaces is not found it will not exist + +describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do + it { should_not exist } +end +``` + +## Azure Permissions + +{{% azure_permissions_service_principal role="reader" %}} diff --git a/docs-chef-io/content/inspec/resources/azure_synapse_workspaces.md b/docs-chef-io/content/inspec/resources/azure_synapse_workspaces.md new file mode 100644 index 000000000..6909b50ac --- /dev/null +++ b/docs-chef-io/content/inspec/resources/azure_synapse_workspaces.md @@ -0,0 +1,113 @@ ++++ +title = "azure_synapse_workspaces Resource" +platform = "azure" +draft = false +gh_repo = "inspec-azure" + +[menu.inspec] +title = "azure_synapse_workspaces" +identifier = "inspec/resources/azure/azure_synapse_workspaces Resource" +parent = "inspec/resources/azure" ++++ + +Use the `azure_synapse_workspaces` InSpec audit resource to test properties related to all Azure Synapse workspaces. + +## Azure REST API Version, Endpoint, and HTTP Client Parameters + +{{% inspec_azure_common_parameters %}} + +## Installation + +{{% inspec_azure_install %}} + +## Syntax + +An `azure_synapse_workspaces` resource block returns all Azure Synapse workspaces. + +```ruby +describe azure_synapse_workspaces do + #... +end +``` + +## Parameters + +`resource_group` _(optional)_ +: Azure resource group that the targeted resource resides in. + +## Properties + +`ids` +: A list of resource IDs. + +: **Field**: `id` + +`names` +: A list of resource Names. + +: **Field**: `name` + +`types` +: A list of the resource types. + +: **Field**: `type` + +`properties` +: A list of Properties for all the Synapse workspaces. + +: **Field**: `properties` + +`locations` +: A list of the Geo-locations. + +: **Field**: `location` + +`provisioningStates` +: A list of provisioning states of the Synapse workspaces. + +: **Field**: `provisioningState` + +{{% inspec_filter_table %}} + +## Examples + +**Loop through Synapse workspaces by their names.** + +```ruby +azure_synapse_workspaces.names.each do |name| + describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: name) do + it { should exist } + end +end +``` + +**Test that there are Synapse workspaces that are successfully provisioned.** + +```ruby +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP').where(provisioningState: 'Succeeded') do + it { should exist } +end +``` + +## Matchers + +{{% inspec_matchers_link %}} + +### exists + +```ruby +# Should not exist if no Synapse workspaces are present + +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do + it { should_not exist } +end +# Should exist if the filter returns at least one Synapse workspaces + +describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do + it { should exist } +end +``` + +## Azure Permissions + +{{% azure_permissions_service_principal role="reader" %}} diff --git a/docs-chef-io/resources/azure_synapse_workspace.md b/docs-chef-io/resources/azure_synapse_workspace.md deleted file mode 100644 index 44bb02577..000000000 --- a/docs-chef-io/resources/azure_synapse_workspace.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -title: About the azure_synapse_workspace Resource -platform: azure ---- - -# azure_synapse_workspace - -Use the `azure_synapse_workspace` InSpec audit resource to test properties related to an Azure Synapse Workspaces. - -## Azure REST API version, endpoint and http client parameters - -This resource interacts with api versions supported by the resource provider. -The `api_version` can be defined as a resource parameter. -If not provided, the latest version will be used. -For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). - -Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used. -For more information, refer to the resource pack [README](../../README.md). - -## Availability - -### Installation - -This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). -For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). - -## Syntax - -`name`, `resource_group` is a required parameter. - -```ruby -describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do - it { should exist } - its('type') { should eq 'Microsoft.SqlVirtualMachine/sqlVirtualMachineGroups' } - its('location') { should eq 'eastus' } -end -``` - -```ruby -describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do - it { should exist } -end -``` -## Parameters - -| Name | Description | -|----------------|----------------------------------------------------------------------------------| -| name | Name of the Azure Synapse Workspace to test. | -| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` | - -The parameter set should be provided for a valid query: -- `resource_group` and `name` - -## Properties - -| Property | Description | -|--------------------------|------------------------------------------------------------------| -| id | Resource Id. | -| name | Resource name. | -| type | Resource type. `Microsoft.Synapse/workspaces` | -| location | The Geo-location where the resource lives. | -| properties | The properties of the Synapse Workspaces. | -| properties.provisioningState | State of the resource. | - - -For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties). - -Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/synapse/workspaces/get) for other properties available. - -## Examples - -### Test that the Synapse Workspaces is provisioned successfully. - -```ruby -describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do - its('properties.provisioningState') { should eq 'Succeeded' } -end -``` - -## Matchers - -This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/). - -### exists - -```ruby -# If a Synapse Workspaces is found it will exist -describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do - it { should exist } -end -# if Synapse Workspaces is not found it will not exist -describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: 'SYNAPSE_WORKSPACE_NAME') do - it { should_not exist } -end -``` - -## Azure Permissions - -Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `reader` role on the subscription you wish to test. \ No newline at end of file diff --git a/docs-chef-io/resources/azure_synapse_workspaces.md b/docs-chef-io/resources/azure_synapse_workspaces.md deleted file mode 100644 index d3ec6f16e..000000000 --- a/docs-chef-io/resources/azure_synapse_workspaces.md +++ /dev/null @@ -1,95 +0,0 @@ ---- -title: About the azure_synapse_workspaces Resource -platform: azure ---- - -# azure_synapse_workspaces - -Use the `azure_synapse_workspaces` InSpec audit resource to test properties related to all Azure Synapse Workspaces. - -## Azure REST API version, endpoint and http client parameters - -This resource interacts with api versions supported by the resource provider. -The `api_version` can be defined as a resource parameter. -If not provided, the latest version will be used. -For more information, refer to [`azure_generic_resource`](azure_generic_resource.md). - -Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used. -For more information, refer to the resource pack [README](../../README.md). - -## Availability - -### Installation - -This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). -For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal). - -## Syntax - -An `azure_synapse_workspaces` resource block returns all Azure Synapse Workspaces. - -```ruby -describe azure_synapse_workspaces do - #... -end -``` - -## Parameters -| Name | Description | -|----------------|----------------------------------------------------------------------------------| -| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` (Optional) | - -The parameter set optionally be provided for a valid query: -- `resource_group` - -## Properties - -|Property | Description | Filter Criteria* | -|--------------------------------|------------------------------------------------------------------------|------------------| -| ids | A list of resource IDs. | `id` | -| names | A list of resource Names. | `name` | -| types | A list of the resource types. | `type` | -| properties | A list of Properties for all the Synapse Workspaces. | `properties` | -| locations | A list of the Geo-locations. | `location` | -| provisioningStates | A list of provisioning states of the Synapse Workspaces. | `provisioningState`| - -* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md). - -## Examples - -### Loop through Synapse Workspaces by their names. - -```ruby -azure_synapse_workspaces.names.each do |name| - describe azure_synapse_workspace(resource_group: 'RESOURCE_GROUP', name: name) do - it { should exist } - end -end -``` -### Test that there are Synapse Workspaces that are successfully provisioned. - -```ruby -describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP').where(provisioningState: 'Succeeded') do - it { should exist } -end -``` - -## Matchers - -This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/). - -### exists - -```ruby -# Should not exist if no Synapse Workspaces are present -describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do - it { should_not exist } -end -# Should exist if the filter returns at least one Synapse Workspaces -describe azure_synapse_workspaces(resource_group: 'RESOURCE_GROUP') do - it { should exist } -end -``` -## Azure Permissions - -Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `reader` role on the subscription you wish to test. \ No newline at end of file