diff --git a/.gitignore b/.gitignore
index 0b8158019..4e837718f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -14,3 +14,4 @@ vendor
.env
dev/
.ruby-version
+.rakeTasks
diff --git a/README.md b/README.md
index 3edc29b40..b4a78c8e8 100644
--- a/README.md
+++ b/README.md
@@ -73,13 +73,33 @@ supports:
## Resource Documentation
-The following is a list of generic resources and static resources.
-The static resources derived from the generic resources prepended with `azure_` are fully backward compatible with their `azurerm_` counterparts.
+The following is a list of generic resources.
- [azure_generic_resource](docs/resources/azure_generic_resource.md)
- [azure_generic_resources](docs/resources/azure_generic_resources.md)
- [azure_graph_generic_resource](docs/resources/azure_graph_generic_resource.md)
- [azure_graph_generic_resources](docs/resources/azure_graph_generic_resources.md)
+
+With the generic resources:
+
+- Azure cloud resources that this resource pack does not include a static InSpec resource for can be tested.
+- Azure resources from different resource providers and resource groups can be tested at the same time.
+- Server side filtering can be used for more efficient tests.
+
+The following is a list of static resources.
+The static resources derived from the generic resources prepended with `azure_` are fully backward compatible with their `azurerm_` counterparts.
+
+- [azure_aks_cluster](docs/resources/azure_aks_cluster.md)
+- [azure_aks_clusters](docs/resources/azure_aks_clusters.md)
+- [azure_api_management](docs/resources/azure_api_management.md)
+- [azure_api_managements](docs/resources/azure_api_managements.md)
+- [azure_application_gateway](docs/resources/azure_application_gateway.md)
+- [azure_application_gateways](docs/resources/azure_application_gateways.md)
+- [azure_cosmosdb_database_account](docs/resources/azure_cosmosdb_database_account.md)
+- [azure_event_hub_authorization_rule](docs/resources/azure_event_hub_authorization_rule.md)
+- [azure_event_hub_event_hub](docs/resources/azure_event_hub_event_hub.md)
+- [azure_event_hub_namespace](docs/resources/azure_event_hub_namespace.md)
+- [azure_hdinsight_cluster](docs/resources/azure_hdinsight_cluster.md)
- [azure_graph_user](docs/resources/azure_graph_user.md)
- [azure_graph_users](docs/resources/azure_graph_users.md)
- [azure_key_vault](docs/resources/azure_key_vault.md)
@@ -88,6 +108,7 @@ The static resources derived from the generic resources prepended with `azure_`
- [azure_mysql_servers](docs/resources/azure_mysql_servers.md)
- [azure_network_security_group](docs/resources/azure_network_security_group.md)
- [azure_network_security_groups](docs/resources/azure_network_security_groups.md)
+- [azure_public_ip](docs/resources/azure_public_ip.md)
- [azure_subnet](docs/resources/azure_subnet.md)
- [azure_subnets](docs/resources/azure_subnets.md)
- [azure_virtual_machine](docs/resources/azure_virtual_machine.md)
@@ -95,11 +116,7 @@ The static resources derived from the generic resources prepended with `azure_`
- [azure_virtual_network](docs/resources/azure_virtual_network.md)
- [azure_virtual_networks](docs/resources/azure_virtual_networks.md)
-With the generic resources:
-- Azure cloud resources that this resource pack does not include a static InSpec resource for can be tested.
-- Azure resources from different resource providers and resource groups can be tested at the same time.
-- Server side filtering can be used for more efficient tests.
For more details and different use cases, please refer to the specific resource pages.
diff --git a/docs/resources/azure_aks_cluster.md b/docs/resources/azure_aks_cluster.md
new file mode 100644
index 000000000..ba4e9737d
--- /dev/null
+++ b/docs/resources/azure_aks_cluster.md
@@ -0,0 +1,102 @@
+---
+title: About the azure_aks_cluster Resource
+platform: azure
+---
+
+# azure_aks_cluster
+
+Use the `azure_aks_cluster` InSpec audit resource to test properties of an Azure AKS Cluster.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_aks_cluster` resource block identifies an AKS Cluster by `name` and `resource_group`.
+```ruby
+describe azure_aks_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
+| name | Name of the AKS cluster to test. `ClusterName` |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.ContainerService/managedClusters/{ClusterName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+
+## Properties
+
+| Property | Description |
+|-------------------|-------------|
+| identity | The identity of the managed cluster, if configured. It is a [managed cluster identity object](https://docs.microsoft.com/en-us/rest/api/aks/managedclusters/get#managedclusteridentity). |
+| sku | The SKU (pricing tier) of the resource. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/aks/managedclusters/get#managedcluster) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test that an AKS Cluster has the Desired Network Plug-in
+```ruby
+describe azure_aks_cluster(resource_group: 'example', name: 'ClusterName') do
+ its('properties.networkProfile.networkPlugin') { should cmp 'kubenet' }
+end
+```
+
+### Loop through All Clusters within The Subscription
+```ruby
+azure_aks_clusters.ids.each do |resource_id|
+ describe azure_aks_cluster(resource_id: resource_id) do
+ its('properties.networkProfile.networkPlugin') { should cmp 'kubenet' }
+ end
+end
+```
+### Test that a Specified AKS Cluster has the Correct Number of Nodes in Pool
+```ruby
+describe azure_aks_cluster(resource_group: 'example', name: 'ClusterName') do
+ its('properties.agentPoolProfiles.first.count') { should cmp 5 }
+end
+```
+See [integration tests](../../test/integration/verify/controls/azurerm_aks_cluster.rb) for more examples.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect 'ClusterName' to always exist
+describe azure_aks_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should exist }
+end
+
+# If we expect 'ClusterName' to never exist
+describe azure_aks_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_aks_clusters.md b/docs/resources/azure_aks_clusters.md
new file mode 100644
index 000000000..d1fdbaae0
--- /dev/null
+++ b/docs/resources/azure_aks_clusters.md
@@ -0,0 +1,85 @@
+---
+title: About the azure_aks_clusters Resource
+platform: azure
+---
+
+# azure_aks_clusters
+
+Use the `azure_aks_clusters` InSpec audit resource to test properties and configuration of multiple Azure AKS Clusters.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_aks_clusters` resource block returns all AKS Clusters, either within a Resource Group (if provided), or within an entire Subscription.
+```ruby
+describe azure_aks_clusters do
+ #...
+end
+```
+or
+```ruby
+describe azure_aks_clusters(resource_group: 'my-rg') do
+ #...
+end
+```
+## Parameters
+
+- `resource_group` (Optional)
+
+## Properties
+
+|Property | Description | Filter Criteria* |
+|---------------|--------------------------------------------------------------------------------------|-----------------|
+| ids | A list of the unique resource ids. | `id` |
+| locations | A list of locations for all the resources being interrogated. | `location` |
+| names | A list of all the resources being interrogated. | `name` |
+| tags | A list of `tag:value` pairs defined on the resources being interrogated. | `tags` |
+| properties | A list of properties for all the resources being interrogated. | `properties` |
+
+* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md#a-where-method-you-can-call-with-hash-params-with-loose-matching).
+
+## Examples
+
+### Test that an Example Resource Group has the Named AKS Cluster
+```ruby
+describe azure_aks_clusters(resource_group: 'ExampleGroup') do
+ its('names') { should include('ClusterName') }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+```ruby
+# If we expect 'ExampleGroup' Resource Group to have AKS Clusters
+describe azure_aks_clusters(resource_group: 'ExampleGroup') do
+ it { should exist }
+end
+
+# If we expect 'EmptyExampleGroup' Resource Group to not have AKS Clusters
+describe azure_aks_clusters(resource_group: 'EmptyExampleGroup') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_api_management.md b/docs/resources/azure_api_management.md
new file mode 100644
index 000000000..0c8e34457
--- /dev/null
+++ b/docs/resources/azure_api_management.md
@@ -0,0 +1,99 @@
+---
+title: About the azure_api_management Resource
+platform: azure
+---
+
+# azure_api_management
+
+Use the `azure_api_management` InSpec audit resource to test properties and configuration of an Azure API Management Service.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group` and `name` must be given as a parameter.
+```ruby
+describe azure_api_management(resource_group: 'inspec-resource-group-9', name: 'apim01') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
+| name | The unique name of the API Management Service. `apim01` |
+| api_management_name | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.ApiManagement/service/{apim01}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+- `resource_group` and `api_management_name`
+
+## Properties
+
+| Property | Description |
+|-------------------|-------------|
+| identity | Managed service identity of the Api Management service. It is an [api management service identity object](https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/apimanagementservice/get#apimanagementserviceidentity). |
+| sku | The SKU (pricing tier) of the resource. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/apimanagement/2019-12-01/apimanagementservice/get#apimanagementserviceresource) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test API Management Service's Publisher Email Value
+```ruby
+describe azure_api_management(resource_group: resource_group, api_management_name: api_management_name) do
+ its('properties.publisherEmail') { should eq 'company@inspec.io' }
+end
+```
+
+### Loop through Resources via Plural Resource
+```ruby
+azure_api_managements.ids.each do |resource_id|
+ describe azure_api_management(resource_id: resource_id) do
+ its('properties.publisherEmail') { should eq 'company@inspec.io' }
+ end
+end
+```
+See [integration tests](../../test/integration/verify/controls/azurerm_api_management.rb) for more examples.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect 'apim01' to always exist
+describe azure_api_management(resource_group: 'example', name: 'apim01') do
+ it { should exist }
+end
+
+# If we expect 'apim01' to never exist
+describe azure_api_management(resource_group: 'example', name: 'apim01') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
+
diff --git a/docs/resources/azure_api_managements.md b/docs/resources/azure_api_managements.md
new file mode 100644
index 000000000..c542b5d2d
--- /dev/null
+++ b/docs/resources/azure_api_managements.md
@@ -0,0 +1,94 @@
+---
+title: About the azure_api_managements Resource
+platform: azure
+---
+
+# azure_api_managements
+
+Use the `azure_api_managements` InSpec audit resource to test properties and configuration of Azure API Management Services.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_api_managements` resource block returns all Azure Api Management Services, either within a Resource Group (if provided), or within an entire Subscription.
+```ruby
+describe azure_api_managements do
+ #...
+end
+```
+or
+```ruby
+describe azure_api_managements(resource_group: 'my-rg') do
+ #...
+end
+```
+## Parameters
+
+- `resource_group` (Optional)
+
+## Properties
+
+|Property | Description | Filter Criteria* |
+|---------------|--------------------------------------------------------------------------------------|-----------------|
+| ids | A list of the unique resource ids. | `id` |
+| locations | A list of locations for all the resources being interrogated. | `location` |
+| names | A list of all the resources being interrogated. | `name` |
+| tags | A list of `tag:value` pairs defined on the resources being interrogated. | `tags` |
+| types | A list of the types of resources being interrogated. | `type` |
+| properties | A list of properties for all the resources being interrogated. | `properties` |
+
+* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md#a-where-method-you-can-call-with-hash-params-with-loose-matching).
+
+## Examples
+
+### Check Api Management Services are Present
+```ruby
+describe azure_api_managements do
+ it { should exist }
+ its('names') { should include 'my-apim' }
+end
+```
+### Filter the Results to Include Only those with Names Match the Given String Value
+```ruby
+describe azure_api_managements.where{ name.eql?('production-apim-01') } do
+ it { should exist }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+```ruby
+# If we expect 'ExampleGroup' Resource Group to have API Management Services
+describe azure_api_managements(resource_group: 'ExampleGroup') do
+ it { should exist }
+end
+
+# If we expect 'EmptyExampleGroup' Resource Group to not have API Management Services
+describe azure_api_managements(resource_group: 'EmptyExampleGroup') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
+
diff --git a/docs/resources/azure_application_gateway.md b/docs/resources/azure_application_gateway.md
new file mode 100644
index 000000000..15e37ce0d
--- /dev/null
+++ b/docs/resources/azure_application_gateway.md
@@ -0,0 +1,95 @@
+---
+title: About the azure_application_gateway Resource
+platform: azure
+---
+
+# azure_application_gateway
+
+Use the `azure_application_gateway` InSpec audit resource to test properties and configuration of an Azure Application Gateway.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group` and `name` must be given as a parameter.
+```ruby
+describe azure_application_gateway(resource_group: 'inspec-resource-group-9', name: 'example_lb') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `MyResourceGroup` |
+| name | The unique name of the targeted resource. `gatewayName` |
+| application_gateway_name | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Network/applicationGateways/{gatewayName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+- `resource_group` and `application_gateway_name`
+
+## Properties
+
+| Property | Description |
+|-------------------|-------------|
+| identity | The identity of the application gateway, if configured. It is a [managed service identity object](https://docs.microsoft.com/en-us/rest/api/application-gateway/applicationgateways/get#managedserviceidentity). |
+| zones | A list of availability zones denoting where the resource needs to come from. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/application-gateway/applicationgateways/get#applicationgateway) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test the SSL Policy Name of an Application Gateway
+```ruby
+describe azure_application_gateway(resource_group: 'resource_group', application_gateway_name: 'application_gateway_name') do
+ its('properties.sslPolicy.policyName') { should eq 'AppGwSslPolicy20170401S' }
+end
+```
+```ruby
+describe azure_application_gateway(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Network/applicationGateways/{gatewayName}') do
+ its('properties.sslPolicy.policyName') { should eq 'AppGwSslPolicy20170401S' }
+end
+```
+
+See [integration tests](../../test/integration/verify/controls/azurerm_application_gateway.rb) for more examples.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect 'appgw-1' to always exist
+describe azure_application_gateway(resource_group: 'example', name: 'appgw-1') do
+ it { should exist }
+end
+
+# If we expect 'appgw-1' to never exist
+describe azure_application_gateway(resource_group: 'example', name: 'appgw-1') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_application_gateways.md b/docs/resources/azure_application_gateways.md
new file mode 100644
index 000000000..63d720790
--- /dev/null
+++ b/docs/resources/azure_application_gateways.md
@@ -0,0 +1,96 @@
+---
+title: About the azure_application_gateways Resource
+platform: azure
+---
+
+
+# azure_application_gateways
+
+Use the `azure_application_gateways` InSpec audit resource to test properties and configuration of Azure Application Gateways.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+## Syntax
+
+An `azure_application_gateways` resource block returns all Azure Application Gateways, either within a Resource Group (if provided), or within an entire Subscription.
+```ruby
+describe azure_application_gateways do
+ #...
+end
+```
+or
+```ruby
+describe azure_application_gateways(resource_group: 'my-rg') do
+ #...
+end
+```
+## Parameters
+
+- `resource_group` (Optional)
+
+## Properties
+
+|Property | Description | Filter Criteria* |
+|---------------|--------------------------------------------------------------------------------------|-----------------|
+| ids | A list of the unique resource ids. | `id` |
+| locations | A list of locations for all the resources being interrogated. | `location` |
+| names | A list of all the resources being interrogated. | `name` |
+| tags | A list of `tag:value` pairs defined on the resources being interrogated. | `tags` |
+| types | A list of the types of resources being interrogated. | `type` |
+| properties | A list of properties for all the resources being interrogated. | `properties` |
+
+* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md#a-where-method-you-can-call-with-hash-params-with-loose-matching).
+
+## Examples
+
+### Check Application Gateways are Present
+```ruby
+describe azure_application_gateways do
+ it { should exist }
+ its('names') { should include 'my-appgw' }
+end
+```
+### Filter the Results to Include Only those with Names Match the Given String Value
+```ruby
+describe azure_application_gateways.where{ name.eql?('production-appgw-01') } do
+ it { should exist }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+The control will pass if the filter returns at least one result. Use `should_not` if you expect zero matches.
+```ruby
+# If we expect 'ExampleGroup' Resource Group to have Application Gateways
+describe azure_application_gateways(resource_group: 'ExampleGroup') do
+ it { should exist }
+end
+
+# If we expect 'EmptyExampleGroup' Resource Group to not have Application Gateways
+describe azure_application_gateways(resource_group: 'EmptyExampleGroup') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_cosmosdb_database_account.md b/docs/resources/azure_cosmosdb_database_account.md
new file mode 100644
index 000000000..ead7f2e3a
--- /dev/null
+++ b/docs/resources/azure_cosmosdb_database_account.md
@@ -0,0 +1,92 @@
+---
+title: About the azure_cosmosdb_database_account Resource
+platform: azure
+---
+
+# azure_cosmosdb_database_account
+
+Use the `azure_cosmosdb_database_account` InSpec audit resource to test properties and configuration of an Azure CosmosDb Database Account within a Resource Group.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group` and `name` must be given as a parameter.
+```ruby
+describe azure_cosmosdb_database_account(resource_group: 'inspec-resource-group-9', name: 'my-cosmos-db') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resource-group-name` |
+| name | The unique name of the targeted resource. `resource-name` |
+| cosmosdb_database_account | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+- `resource_group` and `cosmosdb_database_account`
+
+## Properties
+
+| Property | Description |
+|-------------------|-------------|
+| location | Resource location, e.g. `eastus`. |
+| kind | Indicates the type of database account, e.g. `GlobalDocumentDB`, `MongoDB`. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/cosmos-db-resource-provider/2020-04-01/databaseaccounts/get#databaseaccountgetresults) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test If a GlobalDocumentDB is Accessible on Public Network
+```ruby
+describe azure_cosmosdb_database_account(resource_group: 'my-rg', name: 'my-cosmos-db') do
+ its('properties.publicNetworkAccess') { should cmp 'Enabled' }
+end
+```
+```ruby
+describe azure_cosmosdb_database_account(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}') do
+ its('properties.publicNetworkAccess') { should cmp 'Enabled' }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect 'my-cosmos-db' to always exist
+describe azure_cosmosdb_database_account(resource_group: 'example', name: 'appgw-1') do
+ it { should exist }
+end
+
+# If we expect 'my-cosmos-db' to never exist
+describe azure_cosmosdb_database_account(resource_group: 'example', name: 'my-cosmos-db') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_event_hub_authorization_rule.md b/docs/resources/azure_event_hub_authorization_rule.md
new file mode 100644
index 000000000..1fd15540f
--- /dev/null
+++ b/docs/resources/azure_event_hub_authorization_rule.md
@@ -0,0 +1,93 @@
+---
+title: About the azure_event_hub_authorization_rule Resource
+platform: azure
+---
+
+# azure_event_hub_authorization_rule
+
+Use the `azure_event_hub_authorization_rule` InSpec audit resource to test properties and configuration of an Azure Event Hub Authorization Rule within a Resource Group.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group`, `namespace_name`, `event_hub_endpoint` and `name` must be given as a parameter.
+```ruby
+describe azure_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', event_hub_endpoint: 'myeventhub', name: 'my-auth-rule') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resource-group-name` |
+| namespace_name | The unique name of the Event Hub Namespace. |
+| event_hub_endpoint | The unique name of the Event Hub Name. |
+| name | The unique name of the targeted resource. `resource-name` |
+| authorization_rule | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName}/authorizationRules/{authorizationRuleName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group`, `namespace_name`, `event_hub_endpoint` and `name`
+- `resource_group`, `namespace_name`, `event_hub_endpoint` and `authorization_rule`
+
+## Properties
+
+| Property | Description |
+|-------------------|-------------|
+| properties.rights | The list of rights associated with the rule. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/eventhub/2017-04-01/authorization%20rules%20-%20event%20hubs/getauthorizationrule) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test the Name of an Authorization Rule
+```ruby
+describe azure_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', event_hub_endpoint: 'myeventhub', name: 'my-auth-rule') do
+ its('name') { should cmp 'my-auth-rule' }
+end
+```
+```ruby
+describe azure_event_hub_authorization_rule(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName}/authorizationRules/{authorizationRuleName}') do
+ its('name') { should cmp 'my-auth-rule' }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect the resource to always exist
+describe azure_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', event_hub_endpoint: 'myeventhub', name: 'my-auth-rule') do
+ it { should exist }
+end
+
+# If we expect the resource not to exist
+describe azure_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', event_hub_endpoint: 'myeventhub', name: 'my-auth-rule') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_event_hub_event_hub.md b/docs/resources/azure_event_hub_event_hub.md
new file mode 100644
index 000000000..b71ec7d7c
--- /dev/null
+++ b/docs/resources/azure_event_hub_event_hub.md
@@ -0,0 +1,92 @@
+---
+title: About the azure_event_hub_event_hub Resource
+platform: azure
+---
+
+# azure_event_hub_event_hub
+
+Use the `azure_event_hub_event_hub` InSpec audit resource to test properties of an Azure Event Hub description within a Resource Group.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group`, `namespace_name` and `name` must be given as a parameter.
+```ruby
+describe azure_event_hub_event_hub(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', name: 'myeventhub') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resourceGroupName` |
+| namespace_name | The unique name of the Event Hub Namespace. `namespaceName` |
+| name | The unique name of the targeted resource. `eventHubName` |
+| event_hub_name | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group`, `namespace_name` and `name`
+- `resource_group`, `namespace_name` and `event_hub_name`
+
+## Properties
+
+| Property | Description |
+|-----------------------------------|-------------|
+| properties.messageRetentionInDays | Number of days to retain the events for this Event Hub, value should be 1 to 7 days. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/eventhub/2017-04-01/eventhubs/get#eventhub) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test the Message Retention Time of an Event Hub
+```ruby
+describe azure_event_hub_event_hub(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', name: 'myeventhub') do
+ its('properties.messageRetentionInDays') { should cmp 4 }
+end
+```
+```ruby
+describe azure_event_hub_event_hub(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}/eventhubs/{eventHubName}') do
+ its('properties.messageRetentionInDays') { should cmp 4 }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect the resource to always exist
+describe azure_event_hub_event_hub(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', name: 'myeventhub') do
+ it { should exist }
+end
+
+# If we expect the resource not to exist
+describe azure_event_hub_event_hub(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', name: 'myeventhub') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_event_hub_namespace.md b/docs/resources/azure_event_hub_namespace.md
new file mode 100644
index 000000000..6a53d6492
--- /dev/null
+++ b/docs/resources/azure_event_hub_namespace.md
@@ -0,0 +1,91 @@
+---
+title: About the azure_event_hub_namespace Resource
+platform: azure
+---
+
+# azure_event_hub_namespace
+
+Use the `azure_event_hub_namespace` InSpec audit resource to test properties and configuration of an Azure Event Hub Namespace within a Resource Group.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+The `resource_group` and `name` must be given as a parameter.
+```ruby
+describe azure_event_hub_namespace(resource_group: 'my-rg', name: 'my-event-hub-ns') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resourceGroupName` |
+| name | The unique name of the Event Hub Namespace. `namespaceName` |
+| namespace_name | Alias for the `name` parameter. |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+- `resource_group` and `namespace_name`
+
+## Properties
+
+| Property | Description |
+|-----------------------------------|-------------|
+| properties.kafkaEnabled | Value that indicates whether Kafka is enabled for eventhub namespace. |
+
+For parameters applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/eventhub/2017-04-01/namespaces/get#ehnamespace) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test If Kafka is Enabled for an Eventhub Namespace
+```ruby
+describe azure_event_hub_namespace(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns') do
+ its('properties.kafkaEnabled') { should be true }
+end
+```
+```ruby
+describe azure_event_hub_namespace(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventHub/namespaces/{namespaceName}') do
+ its('properties.kafkaEnabled') { should be true }
+end
+```
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect the resource to always exist
+describe azure_event_hub_namespace(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns') do
+ it { should exist }
+end
+
+# If we expect the resource not to exist
+describe azure_event_hub_namespace(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_generic_resource.md b/docs/resources/azure_generic_resource.md
index 59b8915a5..a4a1b9712 100644
--- a/docs/resources/azure_generic_resource.md
+++ b/docs/resources/azure_generic_resource.md
@@ -11,7 +11,7 @@ Use the `azure_generic_resource` Inspec audit resource to test any valid Azure r
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -63,12 +63,14 @@ The following properties are applicable to almost all resources.
| Property | Description |
|------------|-------------|
-| id | The unique resource identifier.|
-| name | The name of the resource. |
-| type | The resource type. |
-| location | The location of the resource. |
-| tags | The tag `key:value pairs` if defined on the resource. |
-| properties | The resource properties. |
+| id | The unique resource identifier. |
+| name | The name of the resource. |
+| type | The resource type. |
+| location | The location of the resource. |
+| tags | The tag `key:value pairs` if defined on the resource. |
+| properties | The resource properties. |
+
+For more properties, refer to [Azure documents](https://docs.microsoft.com/en-us/rest/api/resources/resources/list#genericresourceexpanded).
## Examples
@@ -83,8 +85,6 @@ describe azure_generic_resource(resource_group: 'my_vms', name: 'my_linux_vm') d
its('api_version_used_for_query_state') { should eq 'latest' }
end
```
-
-
### Test the API Version Used for the Query
```ruby
describe azure_generic_resource(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/virtualMachines/{vmName}', api_version: '2017-01-01') do
@@ -92,8 +92,6 @@ describe azure_generic_resource(resource_id: '/subscriptions/{subscriptionId}/re
its('api_version_used_for_query') { should eq '2017-01-01' }
end
```
-
-
### Test the Tags if Include Specific Values
```ruby
describe azure_generic_resource(resource_group: 'my_vms', name: 'my_linux_vm') do
@@ -103,7 +101,6 @@ describe azure_generic_resource(resource_group: 'my_vms', name: 'my_linux_vm') d
its('tags') { should include('name') } # regardless of the value
end
```
-
For more examples, please see the [integration tests](/test/integration/verify/controls/azure_generic_resource.rb).
## Matchers
@@ -125,4 +122,4 @@ end
```
## Azure Permissions
-Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
\ No newline at end of file
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_generic_resources.md b/docs/resources/azure_generic_resources.md
index 5c71b060e..0d060a15c 100644
--- a/docs/resources/azure_generic_resources.md
+++ b/docs/resources/azure_generic_resources.md
@@ -11,7 +11,7 @@ Use the `azure_generic_resources` Inspec audit resource to test any valid Azure
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_graph_generic_resource.md b/docs/resources/azure_graph_generic_resource.md
index 67dc50d0e..de28c475f 100644
--- a/docs/resources/azure_graph_generic_resource.md
+++ b/docs/resources/azure_graph_generic_resource.md
@@ -20,17 +20,15 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
-
```ruby
describe azure_graph_generic_resource(resource: 'resource', id: 'GUID', select: %w(attributes to be tested)) do
its('property') { should eq 'value' }
end
```
-
where
- Resource parameters are used to query Azure Graph API endpoint for the resource to be tested.
diff --git a/docs/resources/azure_graph_generic_resources.md b/docs/resources/azure_graph_generic_resources.md
index 9f35cf571..4a59c5631 100644
--- a/docs/resources/azure_graph_generic_resources.md
+++ b/docs/resources/azure_graph_generic_resources.md
@@ -20,7 +20,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_graph_user.md b/docs/resources/azure_graph_user.md
index 34c5fc2b2..036933670 100644
--- a/docs/resources/azure_graph_user.md
+++ b/docs/resources/azure_graph_user.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_graph_users.md b/docs/resources/azure_graph_users.md
index 4f1821ca5..b3b584435 100644
--- a/docs/resources/azure_graph_users.md
+++ b/docs/resources/azure_graph_users.md
@@ -20,7 +20,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -37,8 +37,8 @@ The following parameters can be passed for targeting specific users.
| Name | Description | Example |
|-------------------|-------------------------------------------------------------|-------------------------------------|
-| filter | A hash containing the filtering options and their values. The `starts_with_` operator can be used for fuzzy string matching. Parameter names are in snakecase. | `{ starts_with_given_name: 'J', starts_with_department: 'Core', country: 'United Kingdom', given_name: John}` |
-| filter_free_text | [OData](https://www.odata.org/getting-started/basic-tutorial/) query string in double quotes, `"`. Property names are in camelcase, refer to [here](https://docs.microsoft.com/en-us/graph/query-parameters#filter-parameter) for more information. | `"startswith(displayName,'J') and surname eq 'Doe'"` |
+| filter | A hash containing the filtering options and their values. The `starts_with_` operator can be used for fuzzy string matching. Parameter names are in snake_case. | `{ starts_with_given_name: 'J', starts_with_department: 'Core', country: 'United Kingdom', given_name: John}` |
+| filter_free_text | [OData](https://www.odata.org/getting-started/basic-tutorial/) query string in double quotes, `"`. Property names are in camelcase, refer to [here](https://docs.microsoft.com/en-us/graph/query-parameters#filter-parameter) for more information. | `"startswith(displayName,'J') and surname eq 'Doe'"` or `"userType eq 'Guest'"` |
It is advised to use these parameters to narrow down the targeted resources at the server side, Azure Graph API, for a more efficient test.
diff --git a/docs/resources/azure_hdinsight_cluster.md b/docs/resources/azure_hdinsight_cluster.md
new file mode 100644
index 000000000..7b3ff036a
--- /dev/null
+++ b/docs/resources/azure_hdinsight_cluster.md
@@ -0,0 +1,97 @@
+---
+title: About the azure_hdinsight_cluster Resource
+platform: azure
+---
+
+# azure_hdinsight_cluster
+
+Use the `azure_hdinsight_cluster` InSpec audit resource to test properties of an Azure HDInsight Cluster.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_hdinsight_cluster` resource block identifies a HDInsight Cluster by `name` and `resource_group`.
+```ruby
+describe azure_hdinsight_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resourceGroupName` |
+| name | The unique name of the cluster. `clusterName` |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.HDInsight/clusters/{clusterName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+
+## Properties
+
+| Property | Description |
+|-----------------------------------|-------------|
+| properties.clusterVersion | The version of the cluster. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/hdinsight/clusters/get) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test that a Specified HDInsight Cluster is Successfully Provisioned
+```ruby
+describe azure_hdinsight_cluster(resource_group: 'example', name: 'ClusterName') do
+ its('properties.provisioningState') { should cmp 'Succeeded' }
+end
+```
+```ruby
+describe azure_hdinsight_cluster(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.HDInsight/clusters/{clusterName}') do
+ its('properties.provisioningState') { should cmp 'Succeeded' }
+end
+```
+### Test the Version of a HDInsight Cluster
+```ruby
+describe azure_hdinsight_cluster(resource_group: 'example', name: 'ClusterName') do
+ its('properties.clusterVersion') { should cmp '4.0' }
+end
+```
+See [integration tests](../../test/integration/verify/controls/azurerm_hdinsight_cluster.rb) for more examples.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect the resource to always exist
+describe azure_hdinsight_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should exist }
+end
+
+# If we expect the resource not to exist
+describe azure_hdinsight_cluster(resource_group: 'example', name: 'ClusterName') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_key_vault.md b/docs/resources/azure_key_vault.md
index 4939b2402..03a44f167 100644
--- a/docs/resources/azure_key_vault.md
+++ b/docs/resources/azure_key_vault.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -53,7 +53,7 @@ Either one of the parameter sets can be provided for a valid query:
|---------------------------------------|-------------|
| diagnostic_settings | The active diagnostic settings list for the key vault. |
-For parameters applicable to all resources, such as `type`, `name`, `id`, `location`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/keyvault/vaults/get#vault) for other properties available.
Any attribute in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_key_vaults.md b/docs/resources/azure_key_vaults.md
index 76bfd6b6e..a261a0816 100644
--- a/docs/resources/azure_key_vaults.md
+++ b/docs/resources/azure_key_vaults.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_mysql_server.md b/docs/resources/azure_mysql_server.md
index 9d4053153..a39131143 100644
--- a/docs/resources/azure_mysql_server.md
+++ b/docs/resources/azure_mysql_server.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -53,7 +53,7 @@ Either one of the parameter sets can be provided for a valid query:
| firewall_rules | A list of all firewall rules in the targeted server. |
| sku | The SKU (pricing tier) of the server. |
-For parameters applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/mysql/servers/get#server) for other properties available.
Any attribute in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_mysql_servers.md b/docs/resources/azure_mysql_servers.md
index 7f8e4ca8c..bff0b56b0 100644
--- a/docs/resources/azure_mysql_servers.md
+++ b/docs/resources/azure_mysql_servers.md
@@ -6,6 +6,7 @@ platform: azure
# azure_mysql_servers
Use the `azure_mysql_servers` InSpec audit resource to test properties and configuration of multiple Azure MySQL Servers.
+
## Azure REST API version, endpoint and http client parameters
This resource interacts with api versions supported by the resource provider.
@@ -20,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -46,11 +47,11 @@ end
|Property | Description | Filter Criteria* |
|---------------|--------------------------------------------------------------------------------------|-----------------|
| ids | A list of the unique resource ids. | `id` |
-| locations | A list of locations for all the virtual networks. | `location` |
-| names | A list of all the virtual network names. | `name` |
+| locations | A list of locations for all the resources being interrogated. | `location` |
+| names | A list of all the resources being interrogated. | `name` |
| tags | A list of `tag:value` pairs defined on the resources. | `tags` |
-| skus | A list of the SKUs (pricing tiers) of the server. | `sku` |
-| properties | A list of properties for all the key vaults. | `properties` |
+| skus | A list of the SKUs (pricing tiers) of the servers. | `sku` |
+| properties | A list of properties for all the resources being interrogated. | `properties` |
* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md#a-where-method-you-can-call-with-hash-params-with-loose-matching).
diff --git a/docs/resources/azure_network_security_group.md b/docs/resources/azure_network_security_group.md
index b46f444a5..daddd9738 100644
--- a/docs/resources/azure_network_security_group.md
+++ b/docs/resources/azure_network_security_group.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -72,7 +72,7 @@ Therefore, tests using these methods should be written explicitly for service ta
For more information about network security groups and security rules refer to [here](https://docs.microsoft.com/en-us/azure/virtual-network/security-overview).
`*ip_range` used in these methods support IPv4 and IPv6. The ip range criteriaom should be written in CIDR notation.
-For parameters applicable to all resources, such as `type`, `name`, `id`, `location`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/virtualnetwork/networksecuritygroups/get#networksecuritygroup) for other properties available.
Any property in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_network_security_groups.md b/docs/resources/azure_network_security_groups.md
index 221ab7c20..fb6d4635a 100644
--- a/docs/resources/azure_network_security_groups.md
+++ b/docs/resources/azure_network_security_groups.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_public_ip.md b/docs/resources/azure_public_ip.md
new file mode 100644
index 000000000..087fc1116
--- /dev/null
+++ b/docs/resources/azure_public_ip.md
@@ -0,0 +1,91 @@
+---
+title: About the azure_public_ip Resource
+platform: azure
+---
+
+# azure_public_ip
+
+Use the `azure_public_ip` InSpec audit resource to test properties of an Azure Public IP address.
+
+## Azure REST API version, endpoint and http client parameters
+
+This resource interacts with api versions supported by the resource provider.
+The `api_version` can be defined as a resource parameter.
+If not provided, the latest version will be used.
+For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint, and default values for the http client will be used .
+For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
+For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_public_ip` resource block identifies a public IP address by `name` and `resource_group`.
+```ruby
+describe azure_public_ip(resource_group: 'example', name: 'addressName') do
+ it { should exist }
+end
+```
+## Parameters
+
+| Name | Description |
+|--------------------------------|-----------------------------------------------------------------------------------|
+| resource_group | Azure resource group that the targeted resource resides in. `resourceGroupName` |
+| name | The unique name of the public IP address. `publicIpAddressName` |
+| resource_id | The unique resource ID. `/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPAddresses/{publicIpAddressName}` |
+
+Either one of the parameter sets can be provided for a valid query:
+- `resource_id`
+- `resource_group` and `name`
+
+## Properties
+
+| Property | Description |
+|-----------------------------------|-------------|
+| properties.ipAddress | The IP address associated with the public IP address resource. |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/virtualnetwork/publicipaddresses/get#publicipaddress) for other properties available.
+Any attribute in the response may be accessed with the key names separated by dots (`.`).
+
+## Examples
+
+### Test the IP Address of a Public IP Resource
+```ruby
+describe azure_public_ip(resource_group: 'example', name: 'publicIpAddressName') do
+ its('properties.ipAddress') { should cmp '51.224.11.75' }
+end
+```
+```ruby
+describe azure_public_ip(resource_id: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/publicIPAddresses/{publicIpAddressName}') do
+ its('properties.ipAddress') { should cmp '51.224.11.75' }
+end
+```
+See [integration tests](../../test/integration/verify/controls/azurerm_public_ip.rb) for more examples.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://docs.chef.io/inspec/matchers/).
+
+### exists
+```ruby
+# If we expect the resource to always exist
+describe azure_public_ip(resource_group: 'example', name: 'publicIpAddressName') do
+ it { should exist }
+end
+
+# If we expect the resource not to exist
+describe azure_public_ip(resource_group: 'example', name: 'publicIpAddressName') do
+ it { should_not exist }
+end
+```
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
diff --git a/docs/resources/azure_subnet.md b/docs/resources/azure_subnet.md
index 3d011fd21..7d6ab8113 100644
--- a/docs/resources/azure_subnet.md
+++ b/docs/resources/azure_subnet.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -50,7 +50,7 @@ Either one of the parameter sets can be provided for a valid query:
| address_prefix | The address prefix for the subnet. `its('address_prefix') { should eq "x.x.x.x/x" }` |
| nsg | The network security group attached to the subnet. `its('nsg') { should eq 'MyNetworkSecurityGroupName' }` |
-For parameters applicable to all resources, such as `type`, `name`, `id`, `location`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/virtualnetwork/subnets/get#subnet) for other properties available.
Any property in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_subnets.md b/docs/resources/azure_subnets.md
index 3740d176a..a8657a4f2 100644
--- a/docs/resources/azure_subnets.md
+++ b/docs/resources/azure_subnets.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -44,7 +44,7 @@ end
|Property | Description | Filter Criteria* |
|---------------|--------------------------------------------------------------------------------------|-----------------|
| ids | A list of the unique resource ids. | `id` |
-| names | A list of all the virtual network names. | `name` |
+| names | A list of all the resources being interrogated. | `name` |
| etags | A list of etags defined on the resources. | `etag` |
* For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md#a-where-method-you-can-call-with-hash-params-with-loose-matching).
diff --git a/docs/resources/azure_virtual_machine.md b/docs/resources/azure_virtual_machine.md
index 36e8bade2..698ced92e 100644
--- a/docs/resources/azure_virtual_machine.md
+++ b/docs/resources/azure_virtual_machine.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -59,7 +59,7 @@ Either one of the parameter sets can be provided for a valid query:
| os_disk_name | The virtual machine's operating system disk name. `its('os_disk_name') { should cmp 'OsDiskName' }` |
| data_disk_names | The virtual machine's data disk names. `its('data_disk_names') { should include('DataDisk1') }` |
-For parameters applicable to all resources, such as `type`, `name`, `id`, `location`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/compute/virtualmachines/get#virtualmachine) for other properties available.
Any attribute in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_virtual_machines.md b/docs/resources/azure_virtual_machines.md
index 156ac9ad4..9a17efc6e 100644
--- a/docs/resources/azure_virtual_machines.md
+++ b/docs/resources/azure_virtual_machines.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
diff --git a/docs/resources/azure_virtual_network.md b/docs/resources/azure_virtual_network.md
index ed2eb0629..f855ac246 100644
--- a/docs/resources/azure_virtual_network.md
+++ b/docs/resources/azure_virtual_network.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
## Syntax
@@ -55,7 +55,7 @@ Either one of the parameter sets can be provided for a valid query:
| enable_ddos\_protection | Boolean value showing if Azure DDoS standard protection is enabled on the virtual network. `its('enable_ddos_protection') { should eq true }` |
| enable_vm_protection | Boolean value showing if the virtual network has VM protection enabled. `its('enable_vm_protection') { should eq false }` |
-For parameters applicable to all resources, such as `type`, `name`, `id`, `location`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#parameters).
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`](azure_generic_resource.md#properties).
Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/virtualnetwork/virtualnetworks/get#virtualnetwork) for other properties available.
Any property in the response may be accessed with the key names separated by dots (`.`).
diff --git a/docs/resources/azure_virtual_networks.md b/docs/resources/azure_virtual_networks.md
index d12bae35d..dd50f0e1f 100644
--- a/docs/resources/azure_virtual_networks.md
+++ b/docs/resources/azure_virtual_networks.md
@@ -21,7 +21,7 @@ For more information, refer to the resource pack [README](../../README.md).
### Installation
-This resource is available in the `inspec-azure` [resource pack](/inspec/glossary/#resource-pack).
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
### Version
diff --git a/docs/resources/azurerm_aks_cluster.md b/docs/resources/azurerm_aks_cluster.md
index 6839a3c86..7ba208406 100644
--- a/docs/resources/azurerm_aks_cluster.md
+++ b/docs/resources/azurerm_aks_cluster.md
@@ -3,6 +3,8 @@ title: About the azurerm_aks_cluster Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_aks_cluster`](azure_aks_cluster.md) InSpec audit resource.
+
# azurerm\_aks\_cluster
Use the `azurerm_aks_cluster` InSpec audit resource to test properties of an Azure AKS Cluster.
diff --git a/docs/resources/azurerm_aks_clusters.md b/docs/resources/azurerm_aks_clusters.md
index a8d743723..8936353db 100644
--- a/docs/resources/azurerm_aks_clusters.md
+++ b/docs/resources/azurerm_aks_clusters.md
@@ -3,6 +3,8 @@ title: About the azurerm_aks_clusters Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_aks_clusters`](azure_aks_clusters.md) InSpec audit resource.
+
# azurerm\_aks\_clusters
Use the `azurerm_aks_clusters` InSpec audit resource to enumerate AKS Clusters.
diff --git a/docs/resources/azurerm_api_management.md b/docs/resources/azurerm_api_management.md
index d769b9309..ff5807b1b 100644
--- a/docs/resources/azurerm_api_management.md
+++ b/docs/resources/azurerm_api_management.md
@@ -3,6 +3,8 @@ title: About the azurerm_api_management Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_api_management`](azure_api_management.md) InSpec audit resource.
+
# azurerm\_\_api\_management
Use the `azurerm_api_management` InSpec audit resource to test properties and configuration of
diff --git a/docs/resources/azurerm_api_managements.md b/docs/resources/azurerm_api_managements.md
index 5e07c8648..c7026622e 100644
--- a/docs/resources/azurerm_api_managements.md
+++ b/docs/resources/azurerm_api_managements.md
@@ -3,6 +3,8 @@ title: About the azurerm_api_managements Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_api_managements`](azure_api_managements.md) InSpec audit resource.
+
# azurerm\_api\_managements
Use the `azurerm_api_managements` InSpec audit resource to test properties and configuration of Azure Api Management Service.
diff --git a/docs/resources/azurerm_application_gateway.md b/docs/resources/azurerm_application_gateway.md
index f98fdacd9..2ba4940ba 100644
--- a/docs/resources/azurerm_application_gateway.md
+++ b/docs/resources/azurerm_application_gateway.md
@@ -3,6 +3,8 @@ title: About the azurerm_application_gateway Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_application_gateway`](azure_application_gateway.md) InSpec audit resource.
+
# azurerm\_\_application\_gateway
Use the `azurerm_application_gateway` InSpec audit resource to test properties and configuration of
diff --git a/docs/resources/azurerm_application_gateways.md b/docs/resources/azurerm_application_gateways.md
index d6bee99c6..008dd74df 100644
--- a/docs/resources/azurerm_application_gateways.md
+++ b/docs/resources/azurerm_application_gateways.md
@@ -3,6 +3,8 @@ title: About the azurerm_application_gateways Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_application_gateways`](azure_application_gateways.md) InSpec audit resource.
+
# azurerm\_Load\_balancers
Use the `azurerm_application_gateways` InSpec audit resource to test properties and configuration of Azure Application Gateways.
diff --git a/docs/resources/azurerm_cosmosdb_database_account.md b/docs/resources/azurerm_cosmosdb_database_account.md
index b4e2e3675..77cc7e7fb 100644
--- a/docs/resources/azurerm_cosmosdb_database_account.md
+++ b/docs/resources/azurerm_cosmosdb_database_account.md
@@ -3,6 +3,8 @@ title: About the azurerm_cosmosdb_database_account Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_cosmosdb_database_account`](azure_cosmosdb_database_account.md) InSpec audit resource.
+
# azurerm\_cosmosdb\_database\_account
Use the `azurerm_cosmosdb_database_account` InSpec audit resource to test properties and configuration of
diff --git a/docs/resources/azurerm_event_hub_authorization_rule.md b/docs/resources/azurerm_event_hub_authorization_rule.md
index d5bde9023..9cc6cd745 100644
--- a/docs/resources/azurerm_event_hub_authorization_rule.md
+++ b/docs/resources/azurerm_event_hub_authorization_rule.md
@@ -3,6 +3,8 @@ title: About the azurerm_event_hub_authorization_rule Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_event_hub_authorization_rule`](azure_event_hub_authorization_rule.md) InSpec audit resource.
+
# azurerm\_event\_hub\_authorization\_rule
Use the `azurerm_event_hub_authorization_rule` InSpec audit resource to test properties and configuration of
@@ -40,9 +42,9 @@ This resource first became available in 1.11.0 of the inspec-azure resource pack
## Syntax
-The `resource_group`, `namespace_name`, `event_hub_name` and `authorization_rule_name` must be given as a parameter.
+The `resource_group`, `namespace_name`, `event_hub_endpoint` and `authorization_rule` must be given as a parameter.
- describe azurerm_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name 'my-event-hub-ns', event_hub_name: 'myeventhub', authorization_rule_name: 'my-auth-rule') do
+ describe azurerm_event_hub_authorization_rule(resource_group: 'my-rg', namespace_name: 'my-event-hub-ns', event_hub_endpoint: 'myeventhub', authorization_rule: 'my-auth-rule') do
it { should exist }
end
diff --git a/docs/resources/azurerm_event_hub_event_hub.md b/docs/resources/azurerm_event_hub_event_hub.md
index 8d10bd300..da239c710 100644
--- a/docs/resources/azurerm_event_hub_event_hub.md
+++ b/docs/resources/azurerm_event_hub_event_hub.md
@@ -3,6 +3,8 @@ title: About the azurerm_event_hub_event_hub Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_event_hub_event_hub`](azure_event_hub_event_hub.md) InSpec audit resource.
+
# azurerm\_event\_hub\_event\_hub
Use the `azurerm_event_hub_event_hub` InSpec audit resource to test properties and configuration of
diff --git a/docs/resources/azurerm_event_hub_namespace.md b/docs/resources/azurerm_event_hub_namespace.md
index ff7d73de5..c6ab28888 100644
--- a/docs/resources/azurerm_event_hub_namespace.md
+++ b/docs/resources/azurerm_event_hub_namespace.md
@@ -3,6 +3,8 @@ title: About the azurerm_event_hub_namespace Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_event_hub_namespace`](azure_event_hub_namespace.md) InSpec audit resource.
+
# azurerm\_event\_hub\_namespace
Use the `azurerm_event_hub_namespace` InSpec audit resource to test properties and configuration of
diff --git a/docs/resources/azurerm_hdinsight_cluster.md b/docs/resources/azurerm_hdinsight_cluster.md
index 560f48c01..73642eff7 100644
--- a/docs/resources/azurerm_hdinsight_cluster.md
+++ b/docs/resources/azurerm_hdinsight_cluster.md
@@ -3,6 +3,8 @@ title: About the azurerm_hdinsight_cluster Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_hdinsight_cluster`](azure_hdinsight_cluster.md) InSpec audit resource.
+
# azurerm\_hdinsight\_cluster
Use the `azurerm_hdinsight_cluster` InSpec audit resource to test properties of an Azure HDInsight Cluster.
diff --git a/docs/resources/azurerm_public_ip.md b/docs/resources/azurerm_public_ip.md
index 7a333d40a..5b015c6d1 100644
--- a/docs/resources/azurerm_public_ip.md
+++ b/docs/resources/azurerm_public_ip.md
@@ -3,6 +3,8 @@ title: About the azurerm_public_ip Resource
platform: azure
---
+> WARNING This resource will be deprecated in InSpec Azure Resource Pack version **2**. Please start using fully backward compatible [`azure_public_ip`](azure_public_ip.md) InSpec audit resource.
+
# azurerm\_public\_ip
Use the `azurerm_public_ip` InSpec audit resource to test properties of an Azure Public IP address.
diff --git a/libraries/azure_aks_cluster.rb b/libraries/azure_aks_cluster.rb
new file mode 100644
index 000000000..b1582c300
--- /dev/null
+++ b/libraries/azure_aks_cluster.rb
@@ -0,0 +1,41 @@
+require 'azure_generic_resource'
+
+class AzureAksCluster < AzureGenericResource
+ name 'azure_aks_cluster'
+ desc 'Verifies settings for AKS Clusters'
+ example <<-EXAMPLE
+ describe azure_aks_cluster(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.ContainerService/managedClusters', opts)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureAksCluster)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermAksCluster < AzureAksCluster
+ name 'azurerm_aks_cluster'
+ desc 'Verifies settings for AKS Clusters'
+ example <<-EXAMPLE
+ describe azurerm_aks_cluster(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureAksCluster.name)
+ super
+ end
+end
diff --git a/libraries/azure_aks_clusters.rb b/libraries/azure_aks_clusters.rb
new file mode 100644
index 000000000..fe672ee0b
--- /dev/null
+++ b/libraries/azure_aks_clusters.rb
@@ -0,0 +1,62 @@
+require 'azure_generic_resources'
+
+class AzureAksClusters < AzureGenericResources
+ name 'azure_aks_clusters'
+ desc 'Verifies settings for AKS Clusters'
+ example <<-EXAMPLE
+ azure_aks_clusters(resource_group: 'example') do
+ it{ should exist }
+ end
+ EXAMPLE
+
+ attr_reader :table
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.ContainerService/managedClusters', opts)
+
+ # static_resource parameter must be true for setting the scene in the backend.
+ super(opts, true)
+
+ # Check if the resource is failed.
+ # It is recommended to check that after every usage of inherited methods or making API calls.
+ return if failed_resource?
+
+ # Define the column and field names for FilterTable.
+ # In most cases, the `column` should be the pluralized form of the `field`.
+ # @see https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md
+ table_schema = [
+ { column: :names, field: :name },
+ { column: :ids, field: :id },
+ { column: :tags, field: :tags },
+ { column: :locations, field: :location },
+ { column: :properties, field: :properties },
+ ]
+
+ # FilterTable is populated at the very end due to being an expensive operation.
+ AzureGenericResources.populate_filter_table(:table, table_schema)
+ end
+
+ def to_s
+ super(AzureAksClusters)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermAksClusters < AzureAksClusters
+ name 'azurerm_aks_clusters'
+ desc 'Verifies settings for AKS Clusters'
+ example <<-EXAMPLE
+ azurerm_aks_clusters(resource_group: 'example') do
+ it{ should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureAksClusters.name)
+ super
+ end
+end
diff --git a/libraries/azure_api_management.rb b/libraries/azure_api_management.rb
new file mode 100644
index 000000000..3cf80ce16
--- /dev/null
+++ b/libraries/azure_api_management.rb
@@ -0,0 +1,43 @@
+require 'azure_generic_resource'
+
+class AzureApiManagement < AzureGenericResource
+ name 'azure_api_management'
+ desc 'Verifies settings for an Azure Api Management Service'
+ example <<-EXAMPLE
+ describe azure_api_management(resource_group: 'rg-1', name: 'apim01') do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.ApiManagement/service', opts)
+
+ opts[:resource_identifiers] = %i(api_management_name)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureApiManagement)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermApiManagement < AzureApiManagement
+ name 'azurerm_api_management'
+ desc 'Verifies settings for an Azure Api Management Service'
+ example <<-EXAMPLE
+ describe azurerm_api_management(resource_group: 'rg-1', api_management_name: 'apim01') do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureApiManagement.name)
+ super
+ end
+end
diff --git a/libraries/azure_api_managements.rb b/libraries/azure_api_managements.rb
new file mode 100644
index 000000000..365583bd2
--- /dev/null
+++ b/libraries/azure_api_managements.rb
@@ -0,0 +1,63 @@
+require 'azure_generic_resources'
+
+class AzureApiManagements < AzureGenericResources
+ name 'azure_api_managements'
+ desc 'Verifies settings for a collection of Azure Api Management Services'
+ example <<-EXAMPLE
+ describe azure_api_managements do
+ it { should exist }
+ end
+ EXAMPLE
+
+ attr_reader :table
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.ApiManagement/service', opts)
+
+ # static_resource parameter must be true for setting the scene in the backend.
+ super(opts, true)
+
+ # Check if the resource is failed.
+ # It is recommended to check that after every usage of inherited methods or making API calls.
+ return if failed_resource?
+
+ # Define the column and field names for FilterTable.
+ # In most cases, the `column` should be the pluralized form of the `field`.
+ # @see https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md
+ table_schema = [
+ { column: :names, field: :name },
+ { column: :ids, field: :id },
+ { column: :tags, field: :tags },
+ { column: :types, field: :type },
+ { column: :locations, field: :location },
+ { column: :properties, field: :properties },
+ ]
+
+ # FilterTable is populated at the very end due to being an expensive operation.
+ AzureGenericResources.populate_filter_table(:table, table_schema)
+ end
+
+ def to_s
+ super(AzureApiManagements)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermApiManagements < AzureApiManagements
+ name 'azurerm_api_managements'
+ desc 'Verifies settings for a collection of Azure Api Management Services'
+ example <<-EXAMPLE
+ describe azurerm_api_managements do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureApiManagements.name)
+ super
+ end
+end
diff --git a/libraries/azure_application_gateway.rb b/libraries/azure_application_gateway.rb
new file mode 100644
index 000000000..3b7f7cb9b
--- /dev/null
+++ b/libraries/azure_application_gateway.rb
@@ -0,0 +1,42 @@
+require 'azure_generic_resource'
+
+class AzureApplicationGateway < AzureGenericResource
+ name 'azure_application_gateway'
+ desc 'Verifies settings for an Azure Application Gateway'
+ example <<-EXAMPLE
+ describe azure_application_gateway(resource_group: 'rg-1', name: 'lb-1') do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.Network/applicationGateways', opts)
+ opts[:resource_identifiers] = %i(application_gateway_name)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureApplicationGateway)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermApplicationGateway < AzureApplicationGateway
+ name 'azurerm_application_gateway'
+ desc 'Verifies settings for an Azure Application Gateway'
+ example <<-EXAMPLE
+ describe azurerm_application_gateway(resource_group: 'rg-1', application_gateway_name: 'lb-1') do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureApplicationGateway.name)
+ super
+ end
+end
diff --git a/libraries/azure_application_gateways.rb b/libraries/azure_application_gateways.rb
new file mode 100644
index 000000000..4b8cd3577
--- /dev/null
+++ b/libraries/azure_application_gateways.rb
@@ -0,0 +1,63 @@
+require 'azure_generic_resources'
+
+class AzureApplicationGateways < AzureGenericResources
+ name 'azure_application_gateways'
+ desc 'Verifies settings for a collection of Azure Application Gateways'
+ example <<-EXAMPLE
+ describe azure_application_gateways do
+ it { should exist }
+ end
+ EXAMPLE
+
+ attr_reader :table
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.Network/applicationGateways', opts)
+
+ # static_resource parameter must be true for setting the scene in the backend.
+ super(opts, true)
+
+ # Check if the resource is failed.
+ # It is recommended to check that after every usage of inherited methods or making API calls.
+ return if failed_resource?
+
+ # Define the column and field names for FilterTable.
+ # In most cases, the `column` should be the pluralized form of the `field`.
+ # @see https://github.com/inspec/inspec/blob/master/docs/dev/filtertable-usage.md
+ table_schema = [
+ { column: :names, field: :name },
+ { column: :ids, field: :id },
+ { column: :tags, field: :tags },
+ { column: :types, field: :type },
+ { column: :locations, field: :location },
+ { column: :properties, field: :properties },
+ ]
+
+ # FilterTable is populated at the very end due to being an expensive operation.
+ AzureGenericResources.populate_filter_table(:table, table_schema)
+ end
+
+ def to_s
+ super(AzureApplicationGateways)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermApplicationGateways < AzureApplicationGateways
+ name 'azurerm_application_gateways'
+ desc 'Verifies settings for a collection of Azure Application Gateways'
+ example <<-EXAMPLE
+ describe azurerm_application_gateways do
+ it { should exist }
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureApplicationGateways.name)
+ super
+ end
+end
diff --git a/libraries/azure_backend.rb b/libraries/azure_backend.rb
index b3ed4e5cb..85be5afb2 100644
--- a/libraries/azure_backend.rb
+++ b/libraries/azure_backend.rb
@@ -640,11 +640,9 @@ def initialize(item)
@count = item.length
end
- # Allows resources to respond to the include test
+ # Allows resources to respond to the `include` test
# This means that things like tags can be checked for and then their value tested
#
- # @author Russell Seymour
- #
# @param [String, Hash] opt Name (or Name=>Value) of the item to look for in the @item property
def include?(opt)
unless opt.is_a?(Symbol) || opt.is_a?(Hash) || opt.is_a?(String)
@@ -673,6 +671,10 @@ def method_missing(method_name, *args, &block)
def respond_to_missing?(*several_variants)
super
end
+
+ def to_s
+ "Property is missing! The following properties are available: #{item.keys.map(&:to_s)}"
+ end
end
# Ensure to return nil recursively.
@@ -706,8 +708,4 @@ def method_missing(method_name, *args, &block)
def respond_to_missing?(*several_variants)
super
end
-
- def to_s
- 'Do not exist.'
- end
end
diff --git a/libraries/azure_cosmosdb_database_account.rb b/libraries/azure_cosmosdb_database_account.rb
new file mode 100644
index 000000000..040568612
--- /dev/null
+++ b/libraries/azure_cosmosdb_database_account.rb
@@ -0,0 +1,42 @@
+require 'azure_generic_resource'
+
+class AzureCosmosDbDatabaseAccount < AzureGenericResource
+ name 'azure_cosmosdb_database_account'
+ desc 'Verifies settings for CosmosDb Database Account'
+ example <<-EXAMPLE
+ describe azure_cosmosdb_database_account(resource_group: 'example', name: 'my-cosmos-db-account') do
+ its('name') { should eq 'my-cosmos-db-account'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.DocumentDB/databaseAccounts', opts)
+ opts[:resource_identifiers] = %i(cosmosdb_database_account)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureCosmosDbDatabaseAccount)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermCosmosDbDatabaseAccount < AzureCosmosDbDatabaseAccount
+ name 'azurerm_cosmosdb_database_account'
+ desc 'Verifies settings for CosmosDb Database Account'
+ example <<-EXAMPLE
+ describe azurerm_cosmosdb_database_account(resource_group: 'example', cosmosdb_database_account: 'my-cosmos-db-account') do
+ its('name') { should eq 'my-cosmos-db-account'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureCosmosDbDatabaseAccount.name)
+ super
+ end
+end
diff --git a/libraries/azure_event_hub_authorization_rule.rb b/libraries/azure_event_hub_authorization_rule.rb
new file mode 100644
index 000000000..9ffbcd49d
--- /dev/null
+++ b/libraries/azure_event_hub_authorization_rule.rb
@@ -0,0 +1,44 @@
+require 'azure_generic_resource'
+
+class AzureEventHubAuthorizationRule < AzureGenericResource
+ name 'azure_event_hub_authorization_rule'
+ desc 'Verifies settings for Event Hub Authorization Rule'
+ example <<-EXAMPLE
+ describe azure_event_hub_authorization_rule(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_endpoint: 'eventhub', authorization_rule_name: 'auth-rule'") do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:required_parameters] = %i(namespace_name event_hub_endpoint)
+ opts[:resource_path] = [opts[:namespace_name], 'eventhubs', opts[:event_hub_endpoint], 'authorizationRules'].join('/')
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
+ opts[:resource_identifiers] = %i(authorization_rule)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureEventHubAuthorizationRule)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermEventHubAuthorizationRule < AzureEventHubAuthorizationRule
+ name 'azurerm_event_hub_authorization_rule'
+ desc 'Verifies settings for Event Hub Authorization Rule'
+ example <<-EXAMPLE
+ describe azurerm_event_hub_authorization_rule(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_endpoint: 'eventhub', authorization_rule_name: 'auth-rule'") do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureEventHubAuthorizationRule.name)
+ super
+ end
+end
diff --git a/libraries/azure_event_hub_event_hub.rb b/libraries/azure_event_hub_event_hub.rb
new file mode 100644
index 000000000..8708d7b12
--- /dev/null
+++ b/libraries/azure_event_hub_event_hub.rb
@@ -0,0 +1,44 @@
+require 'azure_generic_resource'
+
+class AzureEventHubEventHub < AzureGenericResource
+ name 'azure_event_hub_event_hub'
+ desc 'Verifies settings for Event Hub description'
+ example <<-EXAMPLE
+ describe azure_event_hub_event_hub(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_name: 'eventHubName') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:required_parameters] = %i(namespace_name)
+ opts[:resource_path] = [opts[:namespace_name], 'eventhubs'].join('/')
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
+ opts[:resource_identifiers] = %i(event_hub_name)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureEventHubEventHub)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermEventHubEventHub < AzureEventHubEventHub
+ name 'azurerm_event_hub_event_hub'
+ desc 'Verifies settings for Event Hub description'
+ example <<-EXAMPLE
+ describe azurerm_event_hub_event_hub(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_name: 'eventHubName') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureEventHubEventHub.name)
+ super
+ end
+end
diff --git a/libraries/azure_event_hub_namespace.rb b/libraries/azure_event_hub_namespace.rb
new file mode 100644
index 000000000..b9dd3b212
--- /dev/null
+++ b/libraries/azure_event_hub_namespace.rb
@@ -0,0 +1,42 @@
+require 'azure_generic_resource'
+
+class AzureEventHubNamespace < AzureGenericResource
+ name 'azure_event_hub_namespace'
+ desc 'Verifies settings for Event Hub Namespace'
+ example <<-EXAMPLE
+ describe azure_event_hub_namespace(resource_group: 'example', name: 'namespace-ns') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.EventHub/namespaces', opts)
+ opts[:resource_identifiers] = %i(namespace_name)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureEventHubNamespace)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermEventHubNamespace < AzureEventHubNamespace
+ name 'azurerm_event_hub_namespace'
+ desc 'Verifies settings for Event Hub Namespace'
+ example <<-EXAMPLE
+ describe azurerm_event_hub_namespace(resource_group: 'example', namespace_name: 'namespace-ns') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureEventHubNamespace.name)
+ super
+ end
+end
diff --git a/libraries/azure_generic_resources.rb b/libraries/azure_generic_resources.rb
index 272aa79b1..529e812fe 100644
--- a/libraries/azure_generic_resources.rb
+++ b/libraries/azure_generic_resources.rb
@@ -34,6 +34,7 @@ def initialize(opts = {}, static_resource = false)
}.each_with_object({}) { |(k, v), acc| acc[k] = v unless v.nil? }
validate_parameters(**parameters_to_validate)
@display_name = @opts[:display_name] unless @opts[:display_name].nil?
+ get_resources(opts[:resource_path])
return
end
diff --git a/libraries/azure_graph_generic_resources.rb b/libraries/azure_graph_generic_resources.rb
index 006a9a884..44765912f 100644
--- a/libraries/azure_graph_generic_resources.rb
+++ b/libraries/azure_graph_generic_resources.rb
@@ -56,7 +56,13 @@ def initialize(opts = {}, static_resource = false)
raise ArgumentError, 'Either `:filter` or `:filter_free_text` should be provided.'
end
if @opts[:filter]
- query_parameters['$filter'] = Helpers.odata_query(@opts[:filter])
+ if @opts[:filter].is_a?(String)
+ # This is for backward compatibility.
+ # Same feature is supported via `filter_free_text` parameter as well.
+ query_parameters['$filter'] = @opts[:filter]
+ else
+ query_parameters['$filter'] = Helpers.odata_query(@opts[:filter])
+ end
end
# This will allow passing:
diff --git a/libraries/azure_hdinsight_cluster.rb b/libraries/azure_hdinsight_cluster.rb
new file mode 100644
index 000000000..3e5a70ce1
--- /dev/null
+++ b/libraries/azure_hdinsight_cluster.rb
@@ -0,0 +1,41 @@
+require 'azure_generic_resource'
+
+class AzureHdinsightCluster < AzureGenericResource
+ name 'azure_hdinsight_cluster'
+ desc 'Verifies settings for HDInsight Clusters'
+ example <<-EXAMPLE
+ describe azure_hdinsight_cluster(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.HDInsight/clusters', opts)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzureHdinsightCluster)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermHdinsightCluster < AzureHdinsightCluster
+ name 'azurerm_hdinsight_cluster'
+ desc 'Verifies settings for HDInsight Clusters'
+ example <<-EXAMPLE
+ describe azurerm_hdinsight_cluster(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzureHdinsightCluster.name)
+ super
+ end
+end
diff --git a/libraries/azure_mysql_servers.rb b/libraries/azure_mysql_servers.rb
index 3edd4ff18..a0ee9ff85 100644
--- a/libraries/azure_mysql_servers.rb
+++ b/libraries/azure_mysql_servers.rb
@@ -65,14 +65,6 @@ def initialize(opts = {})
{ column: :properties, field: :properties },
]
- # Talk to Azure Rest API and gather resources data in @resources.
- # Paginate if necessary.
- # Use the `populate_table` method (if defined) for filling the @table with the desired resource attributes.
- get_resources
-
- # Check if the resource is failed.
- return if failed_resource?
-
# FilterTable is populated at the very end due to being an expensive operation.
AzureGenericResources.populate_filter_table(:table, table_schema)
end
diff --git a/libraries/azure_network_security_groups.rb b/libraries/azure_network_security_groups.rb
index 2bf31eefb..64576656b 100644
--- a/libraries/azure_network_security_groups.rb
+++ b/libraries/azure_network_security_groups.rb
@@ -63,14 +63,6 @@ def initialize(opts = {})
{ column: :locations, field: :location },
]
- # Talk to Azure Rest API and gather resources data in @resources.
- # Paginate if necessary.
- # Use the `populate_table` method (if defined) for filling the @table with the desired resource attributes.
- get_resources
-
- # Check if the resource is failed.
- return if failed_resource?
-
# FilterTable is populated at the very end due to being an expensive operation.
AzureGenericResources.populate_filter_table(:table, table_schema)
end
diff --git a/libraries/azure_public_ip.rb b/libraries/azure_public_ip.rb
new file mode 100644
index 000000000..b23201560
--- /dev/null
+++ b/libraries/azure_public_ip.rb
@@ -0,0 +1,41 @@
+require 'azure_generic_resource'
+
+class AzurePublicIp < AzureGenericResource
+ name 'azure_public_ip'
+ desc 'Verifies settings for public IP address'
+ example <<-EXAMPLE
+ describe azure_public_ip(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ # Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
+ raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+ opts[:resource_provider] = specific_resource_constraint('Microsoft.Network/publicIPAddresses', opts)
+
+ super(opts, true)
+ end
+
+ def to_s
+ super(AzurePublicIp)
+ end
+end
+
+# Provide the same functionality under the old resource name.
+# This is for backward compatibility.
+class AzurermPublicIp < AzurePublicIp
+ name 'azurerm_public_ip'
+ desc 'Verifies settings for public IP address'
+ example <<-EXAMPLE
+ describe azurerm_public_ip(resource_group: 'example', name: 'name') do
+ its(name) { should eq 'name'}
+ end
+ EXAMPLE
+
+ def initialize(opts = {})
+ Inspec::Log.warn Helpers.resource_deprecation_message(@__resource_name__, AzurePublicIp.name)
+ super
+ end
+end
diff --git a/libraries/azure_subnets.rb b/libraries/azure_subnets.rb
index 1160d22eb..81751ab3c 100644
--- a/libraries/azure_subnets.rb
+++ b/libraries/azure_subnets.rb
@@ -50,6 +50,7 @@ def initialize(opts = {})
opts[:display_name] = "Subnets for #{opts[:vnet]} Virtual Network"
opts[:resource_provider] = specific_resource_constraint('Microsoft.Network/virtualNetworks', opts)
+ opts[:resource_path] = [opts[:vnet], 'subnets'].join('/')
# static_resource parameter must be true for setting the scene in the backend.
super(opts, true)
@@ -67,18 +68,6 @@ def initialize(opts = {})
{ column: :ids, field: :id },
]
- # Construct and provide the `resource_path`.
- resource_path = "#{@opts[:vnet]}/subnets"
- # All of the following tasks will be done via `get_resource` method:
- # - Talk to Azure Rest API and gather resources data in @resources.
- # - Paginate if necessary.
- # - Use the `populate_table` method for filling the @table with the desired resource attributes according to the
- # table_schema layout.
- get_resources(resource_path)
-
- # Check if the resource is failed.
- return if failed_resource?
-
# FilterTable is populated at the very end due to being an expensive operation.
AzureGenericResources.populate_filter_table(:table, table_schema)
end
diff --git a/libraries/azure_virtual_machines.rb b/libraries/azure_virtual_machines.rb
index 1eb968fbb..f894de0be 100644
--- a/libraries/azure_virtual_machines.rb
+++ b/libraries/azure_virtual_machines.rb
@@ -65,14 +65,6 @@ def initialize(opts = {})
{ column: :tags, field: :tags },
]
- # Before calling the `get_resources` method, a private `populate_table` method has to be defined.
- #
- # Talk to Azure Rest API and gather resources data in @resources.
- # Paginate if necessary.
- # Use the `populate_table` method for filling the @table with the desired resource attributes according to the
- # `table_schema` layout.
- get_resources
-
# FilterTable is populated at the very end due to being an expensive operation.
AzureGenericResources.populate_filter_table(:table, table_schema)
end
diff --git a/libraries/azurerm_aks_cluster.rb b/libraries/azurerm_aks_cluster.rb
deleted file mode 100644
index 7b02ba5ff..000000000
--- a/libraries/azurerm_aks_cluster.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermAksCluster < AzurermSingularResource
- name 'azurerm_aks_cluster'
- desc 'Verifies settings for AKS Clusters'
- example <<-EXAMPLE
- describe azurerm_aks_cluster(resource_group: 'example', name: 'name') do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- id
- etag
- type
- location
- tags
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, name: nil)
- resp = management.aks_cluster(resource_group, name)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' AKS Cluster"
- end
-end
diff --git a/libraries/azurerm_aks_clusters.rb b/libraries/azurerm_aks_clusters.rb
deleted file mode 100644
index c296b651a..000000000
--- a/libraries/azurerm_aks_clusters.rb
+++ /dev/null
@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermAksClusters < AzurermPluralResource
- name 'azurerm_aks_clusters'
- desc 'Verifies settings for AKS Clusters'
- example <<-EXAMPLE
- azurerm_aks_clusters(resource_group: 'example') do
- it{ should exist }
- end
- EXAMPLE
-
- attr_reader :table
-
- FilterTable.create
- .register_column(:names, field: 'name')
- .install_filter_methods_on_resource(self, :table)
-
- def initialize(resource_group: nil)
- resp = management.aks_clusters(resource_group)
- return if has_error?(resp)
-
- @table = resp
- end
-
- include Azure::Deprecations::StringsInWhereClause
-
- def to_s
- 'AKS Clusters'
- end
-end
diff --git a/libraries/azurerm_api_management.rb b/libraries/azurerm_api_management.rb
deleted file mode 100644
index f05ef5ca2..000000000
--- a/libraries/azurerm_api_management.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermApiManagement < AzurermSingularResource
- name 'azurerm_api_management'
- desc 'Verifies settings for an Azure Api Management Service'
- example <<-EXAMPLE
- describe azurerm_api_management(resource_group: 'rg-1', api_management_name: 'apim01') do
- it { should exist }
- end
- EXAMPLE
-
- ATTRS = %i(
- id
- name
- location
- type
- properties
- tags
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, api_management_name: nil)
- api_management = management.api_management(resource_group, api_management_name)
- return if has_error?(api_management)
-
- assign_fields(ATTRS, api_management)
-
- @resource_group = resource_group
- @api_management_name = api_management_name
- @exists = true
- end
-
- def to_s
- "Azure Api Management Service: '#{name}'"
- end
-end
diff --git a/libraries/azurerm_api_managements.rb b/libraries/azurerm_api_managements.rb
deleted file mode 100644
index 36b9e21c9..000000000
--- a/libraries/azurerm_api_managements.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-require 'json'
-
-class AzurermApiManagements < AzurermPluralResource
- name 'azurerm_api_managements'
- desc 'Verifies settings for a collection of Azure Api Management Services'
- example <<-EXAMPLE
- describe azurerm_api_managements do
- it { should exist }
- end
- EXAMPLE
-
- attr_reader :table
-
- FilterTable.create
- .register_column(:ids, field: :id)
- .register_column(:names, field: :name)
- .register_column(:locations, field: :location)
- .register_column(:properties, field: :properties)
- .register_column(:tags, field: :tags)
- .register_column(:types, field: :type)
- .install_filter_methods_on_resource(self, :table)
-
- def initialize(resource_group: nil)
- api_managements = management.api_managements(resource_group)
- return if has_error?(api_managements)
-
- @table = api_managements
- end
-
- def to_s
- 'Azure Api Management Services'
- end
-end
diff --git a/libraries/azurerm_application_gateway.rb b/libraries/azurerm_application_gateway.rb
deleted file mode 100644
index c6797413b..000000000
--- a/libraries/azurerm_application_gateway.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermApplicationGateway < AzurermSingularResource
- name 'azurerm_application_gateway'
- desc 'Verifies settings for an Azure Application Gateway'
- example <<-EXAMPLE
- describe azurerm_application_gateway(resource_group: 'rg-1', application_gateway_name: 'lb-1') do
- it { should exist }
- end
- EXAMPLE
-
- ATTRS = %i(
- id
- name
- location
- type
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, application_gateway_name: nil)
- application_gateway = management.application_gateway(resource_group, application_gateway_name)
- return if has_error?(application_gateway)
-
- assign_fields(ATTRS, application_gateway)
-
- @resource_group = resource_group
- @application_gateway_name = application_gateway_name
- @exists = true
- end
-
- def to_s
- "Azure Application Gateway: '#{name}'"
- end
-end
diff --git a/libraries/azurerm_application_gateways.rb b/libraries/azurerm_application_gateways.rb
deleted file mode 100644
index 69a4a6cd2..000000000
--- a/libraries/azurerm_application_gateways.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-require 'json'
-
-class AzurermApplicationGateways < AzurermPluralResource
- name 'azurerm_application_gateways'
- desc 'Verifies settings for a collection of Azure Application Gateways'
- example <<-EXAMPLE
- describe azurerm_application_gateways do
- it { should exist }
- end
- EXAMPLE
-
- attr_reader :table
-
- FilterTable.create
- .register_column(:ids, field: :id)
- .register_column(:names, field: :name)
- .register_column(:locations, field: :location)
- .register_column(:properties, field: :properties)
- .register_column(:types, field: :type)
- .install_filter_methods_on_resource(self, :table)
-
- def initialize(resource_group: nil)
- application_gateways = management.application_gateways(resource_group)
- return if has_error?(application_gateways)
-
- @table = application_gateways
- end
-
- def to_s
- 'Azure Application Gateways'
- end
-end
diff --git a/libraries/azurerm_cosmosdb_database_account.rb b/libraries/azurerm_cosmosdb_database_account.rb
deleted file mode 100644
index 88944626f..000000000
--- a/libraries/azurerm_cosmosdb_database_account.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermCosmoDbDatabaseAccount < AzurermSingularResource
- name 'azurerm_cosmosdb_database_account'
- desc 'Verifies settings for CosmosDb Database Account'
- example <<-EXAMPLE
- describe azurerm__cosmosdb_database_account(resource_group: 'example', cosmosdb_database_account: 'my-cosmos-db-account') do
- its('name') { should eq 'my-cosmos-db-account'}
- end
- EXAMPLE
-
- ATTRS = %i(
- id
- name
- location
- type
- kind
- tags
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, cosmosdb_database_account: nil)
- resp = management.cosmosdb_database_account(resource_group, cosmosdb_database_account)
-
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' CosmosDb Database Account"
- end
-end
diff --git a/libraries/azurerm_event_hub_authorization_rule.rb b/libraries/azurerm_event_hub_authorization_rule.rb
deleted file mode 100644
index 11639e335..000000000
--- a/libraries/azurerm_event_hub_authorization_rule.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermEventHubAuthorizationRule < AzurermSingularResource
- name 'azurerm_event_hub_authorization_rule'
- desc 'Verifies settings for Event Hub Authorization Rule'
- example <<-EXAMPLE
- describe azurerm_event_hub_authorization_rule(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_endpoint: 'eventhub', authorization_rule_name: 'auth-rule'") do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- id
- type
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, namespace_name: nil, event_hub_endpoint: nil, authorization_rule: nil)
- resp = management.event_hub_authorization_rule(resource_group, namespace_name, event_hub_endpoint, authorization_rule)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' Event Hub Authorization Rule"
- end
-end
diff --git a/libraries/azurerm_event_hub_event_hub.rb b/libraries/azurerm_event_hub_event_hub.rb
deleted file mode 100644
index 26e0e0d5b..000000000
--- a/libraries/azurerm_event_hub_event_hub.rb
+++ /dev/null
@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermEventHubEventHub < AzurermSingularResource
- name 'azurerm_event_hub_event_hub'
- desc 'Verifies settings for Event Hub Event Hub'
- example <<-EXAMPLE
- describe azurerm_event_hub_event_hub(resource_group: 'example', namespace_name: 'namespace-ns', event_hub_name: 'eventHubName') do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- id
- type
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, namespace_name: nil, event_hub_name: nil)
- resp = management.event_hub_event_hub(resource_group, namespace_name, event_hub_name)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' Event Hub Event Hub"
- end
-end
diff --git a/libraries/azurerm_event_hub_namespace.rb b/libraries/azurerm_event_hub_namespace.rb
deleted file mode 100644
index 8235a1b7f..000000000
--- a/libraries/azurerm_event_hub_namespace.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermEventHubNamespace < AzurermSingularResource
- name 'azurerm_event_hub_namespace'
- desc 'Verifies settings for Event Hub Namespace'
- example <<-EXAMPLE
- describe azurerm_event_hub_namespace(resource_group: 'example', namespace_name: 'namespace-ns') do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- sku
- id
- type
- location
- properties
- tags
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, namespace_name: nil)
- resp = management.event_hub_namespace(resource_group, namespace_name)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' Event Hub Namespace"
- end
-end
diff --git a/libraries/azurerm_hdinsight_cluster.rb b/libraries/azurerm_hdinsight_cluster.rb
deleted file mode 100644
index 92c74b92c..000000000
--- a/libraries/azurerm_hdinsight_cluster.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermHdinsightCluster < AzurermSingularResource
- name 'azurerm_hdinsight_cluster'
- desc 'Verifies settings for HDInsight Clusters'
- example <<-EXAMPLE
- describe azurerm_hdinsight_cluster(resource_group: 'example', name: 'name') do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- id
- etag
- type
- location
- tags
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, name: nil)
- resp = management.hdinsight_cluster(resource_group, name)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' HDInsight Cluster"
- end
-end
diff --git a/libraries/azurerm_public_ip.rb b/libraries/azurerm_public_ip.rb
deleted file mode 100644
index bb3ac7ad5..000000000
--- a/libraries/azurerm_public_ip.rb
+++ /dev/null
@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require 'azurerm_resource'
-
-class AzurermPublicIp < AzurermSingularResource
- name 'azurerm_public_ip'
- desc 'Verifies settings for public IP address'
- example <<-EXAMPLE
- describe azurerm_public_ip(resource_group: 'example', name: 'name') do
- its(name) { should eq 'name'}
- end
- EXAMPLE
-
- ATTRS = %i(
- name
- id
- etag
- type
- location
- tags
- properties
- ).freeze
-
- attr_reader(*ATTRS)
-
- def initialize(resource_group: nil, name: nil)
- resp = management.public_ip(resource_group, name)
- return if has_error?(resp)
-
- assign_fields(ATTRS, resp)
-
- @exists = true
- end
-
- def to_s
- "'#{name}' Public IP address"
- end
-end
diff --git a/test/integration/verify/controls/azurerm_ad_users.rb b/test/integration/verify/controls/azurerm_ad_users.rb
index dfcda5b46..8fa411be4 100644
--- a/test/integration/verify/controls/azurerm_ad_users.rb
+++ b/test/integration/verify/controls/azurerm_ad_users.rb
@@ -9,4 +9,8 @@
its('mails') { should_not be_empty }
its('guest_accounts.size') { should cmp guest_accounts }
end
+
+ describe azurerm_ad_users(filter: "userType eq 'Guest'") do
+ its('guest_accounts.size') { should cmp guest_accounts }
+ end
end
diff --git a/test/integration/verify/controls/azurerm_aks_cluster.rb b/test/integration/verify/controls/azurerm_aks_cluster.rb
index 53e51a604..57e0092f7 100644
--- a/test/integration/verify/controls/azurerm_aks_cluster.rb
+++ b/test/integration/verify/controls/azurerm_aks_cluster.rb
@@ -2,7 +2,7 @@
cluster_fqdn = input('cluster_fqdn', value: nil)
control 'azurerm_aks_cluster' do
- describe azurerm_aks_cluster(resource_group: resource_group, name: 'inspecakstest') do
+ describe azurerm_aks_cluster(resource_group: resource_group, name: 'inspecakstest', api_version: '2018-03-31') do
it { should exist }
its('name') { should cmp 'inspecakstest' }
its('type') { should cmp 'Microsoft.ContainerService/managedClusters' }
diff --git a/test/integration/verify/controls/azurerm_aks_clusters.rb b/test/integration/verify/controls/azurerm_aks_clusters.rb
index a6ac661ca..1242d8f8b 100644
--- a/test/integration/verify/controls/azurerm_aks_clusters.rb
+++ b/test/integration/verify/controls/azurerm_aks_clusters.rb
@@ -1,7 +1,7 @@
resource_group = input('resource_group', value: nil)
control 'azurerm_aks_clusters' do
- describe azurerm_aks_clusters(resource_group: resource_group) do
+ describe azurerm_aks_clusters(resource_group: resource_group, api_version: '2018-03-31') do
it { should exist }
its('names') { should be_an(Array) }
end
diff --git a/test/integration/verify/controls/azurerm_event_hub_authorization_rule.rb b/test/integration/verify/controls/azurerm_event_hub_authorization_rule.rb
index c26a02a8b..69f55f24a 100644
--- a/test/integration/verify/controls/azurerm_event_hub_authorization_rule.rb
+++ b/test/integration/verify/controls/azurerm_event_hub_authorization_rule.rb
@@ -11,7 +11,7 @@
its('type') { should eq 'Microsoft.EventHub/Namespaces/EventHubs/AuthorizationRules' }
end
- describe azurerm_event_hub_authorization_rule(resource_group: resource_group, namespace_name: 'fake-ns', event_hub_endpoint: 'fake-event-hub') do
+ describe azurerm_event_hub_authorization_rule(resource_group: resource_group, namespace_name: event_hub_namespace_name, event_hub_endpoint: event_hub_endpoint, authorization_rule: 'fake') do
it { should_not exist }
end
end
diff --git a/test/integration/verify/controls/azurerm_event_hub_event_hub.rb b/test/integration/verify/controls/azurerm_event_hub_event_hub.rb
index 577e47907..4212dd721 100644
--- a/test/integration/verify/controls/azurerm_event_hub_event_hub.rb
+++ b/test/integration/verify/controls/azurerm_event_hub_event_hub.rb
@@ -10,7 +10,7 @@
its('type') { should eq 'Microsoft.EventHub/Namespaces/EventHubs' }
end
- describe azurerm_event_hub_event_hub(resource_group: resource_group, namespace_name: 'fake-ns', event_hub_name: 'fake-event-hub') do
+ describe azurerm_event_hub_event_hub(resource_group: resource_group, namespace_name: event_hub_namespace_name, event_hub_name: 'fake-event-hub') do
it { should_not exist }
end
end
diff --git a/test/unit/resources/azure_aks_cluster_test.rb b/test/unit/resources/azure_aks_cluster_test.rb
new file mode 100644
index 000000000..f8f460598
--- /dev/null
+++ b/test/unit/resources/azure_aks_cluster_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_aks_cluster'
+
+class AzureAksClusterConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureAksCluster.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureAksCluster.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureAksCluster.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_aks_clusters_test.rb b/test/unit/resources/azure_aks_clusters_test.rb
new file mode 100644
index 000000000..29d895281
--- /dev/null
+++ b/test/unit/resources/azure_aks_clusters_test.rb
@@ -0,0 +1,25 @@
+require_relative 'helper'
+require 'azure_aks_clusters'
+
+class AzureAksClustersConstructorTest < Minitest::Test
+ # resource_type should not be allowed.
+ def test_resource_type_not_ok
+ assert_raises(ArgumentError) { AzureAksClusters.new(resource_provider: 'some_type') }
+ end
+
+ def tag_value_not_ok
+ assert_raises(ArgumentError) { AzureAksClusters.new(tag_value: 'some_tag_value') }
+ end
+
+ def tag_name_not_ok
+ assert_raises(ArgumentError) { AzureAksClusters.new(tag_name: 'some_tag_name') }
+ end
+
+ def test_resource_id_not_ok
+ assert_raises(ArgumentError) { AzureAksClusters.new(resource_id: 'some_id') }
+ end
+
+ def test_name_not_ok
+ assert_raises(ArgumentError) { AzureAksClusters.new(name: 'some_name') }
+ end
+end
diff --git a/test/unit/resources/azure_api_management_test.rb b/test/unit/resources/azure_api_management_test.rb
new file mode 100644
index 000000000..7a2091f0d
--- /dev/null
+++ b/test/unit/resources/azure_api_management_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_api_management'
+
+class AzureApiManagementConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureApiManagement.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureApiManagement.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureApiManagement.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_api_managements_test.rb b/test/unit/resources/azure_api_managements_test.rb
new file mode 100644
index 000000000..bd369f18b
--- /dev/null
+++ b/test/unit/resources/azure_api_managements_test.rb
@@ -0,0 +1,25 @@
+require_relative 'helper'
+require 'azure_api_managements'
+
+class AzureApiManagementsConstructorTest < Minitest::Test
+ # resource_type should not be allowed.
+ def test_resource_type_not_ok
+ assert_raises(ArgumentError) { AzureApiManagements.new(resource_provider: 'some_type') }
+ end
+
+ def tag_value_not_ok
+ assert_raises(ArgumentError) { AzureApiManagements.new(tag_value: 'some_tag_value') }
+ end
+
+ def tag_name_not_ok
+ assert_raises(ArgumentError) { AzureApiManagements.new(tag_name: 'some_tag_name') }
+ end
+
+ def test_resource_id_not_ok
+ assert_raises(ArgumentError) { AzureApiManagements.new(resource_id: 'some_id') }
+ end
+
+ def test_name_not_ok
+ assert_raises(ArgumentError) { AzureApiManagements.new(name: 'some_name') }
+ end
+end
diff --git a/test/unit/resources/azure_application_gateway_test.rb b/test/unit/resources/azure_application_gateway_test.rb
new file mode 100644
index 000000000..489b662af
--- /dev/null
+++ b/test/unit/resources/azure_application_gateway_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_application_gateway'
+
+class AzureApplicationGatewayConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateway.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateway.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureApplicationGateway.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_application_gateways_test.rb b/test/unit/resources/azure_application_gateways_test.rb
new file mode 100644
index 000000000..de1e94ae8
--- /dev/null
+++ b/test/unit/resources/azure_application_gateways_test.rb
@@ -0,0 +1,25 @@
+require_relative 'helper'
+require 'azure_application_gateways'
+
+class AzureApplicationGatewaysConstructorTest < Minitest::Test
+ # resource_type should not be allowed.
+ def test_resource_type_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateways.new(resource_provider: 'some_type') }
+ end
+
+ def tag_value_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateways.new(tag_value: 'some_tag_value') }
+ end
+
+ def tag_name_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateways.new(tag_name: 'some_tag_name') }
+ end
+
+ def test_resource_id_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateways.new(resource_id: 'some_id') }
+ end
+
+ def test_name_not_ok
+ assert_raises(ArgumentError) { AzureApplicationGateways.new(name: 'some_name') }
+ end
+end
diff --git a/test/unit/resources/azure_cosmosdb_database_account_test.rb b/test/unit/resources/azure_cosmosdb_database_account_test.rb
new file mode 100644
index 000000000..d463bec8a
--- /dev/null
+++ b/test/unit/resources/azure_cosmosdb_database_account_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_cosmosdb_database_account'
+
+class AzureCosmosDbDatabaseAccountConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureCosmosDbDatabaseAccount.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureCosmosDbDatabaseAccount.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureCosmosDbDatabaseAccount.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_event_hub_authorization_rule_test.rb b/test/unit/resources/azure_event_hub_authorization_rule_test.rb
new file mode 100644
index 000000000..eede65657
--- /dev/null
+++ b/test/unit/resources/azure_event_hub_authorization_rule_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_event_hub_authorization_rule'
+
+class AzureEventHubAuthorizationRuleConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureEventHubAuthorizationRule.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureEventHubAuthorizationRule.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureEventHubAuthorizationRule.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_event_hub_event_hub_test.rb b/test/unit/resources/azure_event_hub_event_hub_test.rb
new file mode 100644
index 000000000..98dc2ddca
--- /dev/null
+++ b/test/unit/resources/azure_event_hub_event_hub_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_event_hub_event_hub'
+
+class AzureEventHubEventHubConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureEventHubEventHub.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureEventHubEventHub.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureEventHubEventHub.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_event_hub_namespace_test.rb b/test/unit/resources/azure_event_hub_namespace_test.rb
new file mode 100644
index 000000000..15b53073a
--- /dev/null
+++ b/test/unit/resources/azure_event_hub_namespace_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_event_hub_namespace'
+
+class AzureEventHubNamespaceConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureEventHubNamespace.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureEventHubNamespace.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureEventHubNamespace.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_graph_generic_resources_test.rb b/test/unit/resources/azure_graph_generic_resources_test.rb
index 893d7afe7..fd9d15834 100644
--- a/test/unit/resources/azure_graph_generic_resources_test.rb
+++ b/test/unit/resources/azure_graph_generic_resources_test.rb
@@ -21,10 +21,4 @@ def test_filter_filter_free_text_together_not_allowed
filter: { name: 'some_id' }, filter_free_text: %w{some_filter})
end
end
-
- def test_filter_is_hash
- assert_raises(ArgumentError) do
- AzureGraphGenericResources.new(resource: 'users', filter: 'some_filter')
- end
- end
end
diff --git a/test/unit/resources/azure_hdinsight_cluster_test.rb b/test/unit/resources/azure_hdinsight_cluster_test.rb
new file mode 100644
index 000000000..5a80e8b60
--- /dev/null
+++ b/test/unit/resources/azure_hdinsight_cluster_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_hdinsight_cluster'
+
+class AzureHdinsightClusterConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzureHdinsightCluster.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzureHdinsightCluster.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzureHdinsightCluster.new(name: 'my-name') }
+ end
+end
diff --git a/test/unit/resources/azure_public_ip_test.rb b/test/unit/resources/azure_public_ip_test.rb
new file mode 100644
index 000000000..c3d45e775
--- /dev/null
+++ b/test/unit/resources/azure_public_ip_test.rb
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_public_ip'
+
+class AzurePublicIpConstructorTest < Minitest::Test
+ def test_empty_param_not_ok
+ assert_raises(ArgumentError) { AzurePublicIp.new }
+ end
+
+ # resource_provider should not be allowed.
+ def test_resource_provider_not_ok
+ assert_raises(ArgumentError) { AzurePublicIp.new(resource_provider: 'some_type') }
+ end
+
+ def test_resource_group
+ assert_raises(ArgumentError) { AzurePublicIp.new(name: 'my-name') }
+ end
+end