| title | platform |
|---|---|
About the azurerm_virtual_machines Resource |
azure |
WARNING This resource will be deprecated in InSpec Azure Resource Pack version 2. Please start using fully backward compatible
azure_virtual_machinesInSpec audit resource.
Use the azurerm_virtual_machines InSpec audit resource to test properties related to
virtual machines for a resource group.
This resource interacts with version 2017-12-01 of the Azure
Management API. For more information see the official Azure documentation.
At the moment, there doesn't appear to be a way to select the version of the Azure API docs. If you notice a newer version being referenced in the official documentation please open an issue or submit a pull request using the updated version.
This resource is available in the inspec-azure resource
pack. To use it, add the
following to your inspec.yml in your top-level profile:
depends:
- name: inspec-azure
git: https://github.com/inspec/inspec-azure.git
You'll also need to setup your Azure credentials; see the resource pack README.
This resource first became available in 1.0.0 of the inspec-azure resource pack.
The resource_group must be given as a parameter.
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup') do
...
end
# Exists if any virtual machines exist in the resource group
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup') do
it { should exist }
end
# Filters based on platform
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup').where(platform: 'windows') do
it { should exist }
end
resource_group
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup') do
...
end
platform,name,os_disk
Filters the results to only include those that match the given platform. Valid choices are
linux and windows.
# Insist that you have at least one windows virtual machine
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup').where(platform: 'windows') do
it { should exist }
end
Filters the result to only those that match the given name.
# Insist that you have at least one virtual machine that starts with 'MyVm'
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup').where { name.start_with?('WindowsVm') } do
it { should exist }
end
os_disksdata_disksvm_names
Gives a list of OS disk names for all the virtual machines in the resource group.
its('os_disks.sort') { should eq ['MyDisk1', 'MyDisk2'] }
Gives a list of data disks for all the virtual machines in the resource group.
its('data_disks.sort') { should eq [['MyDisk1'], ['MyDisk2']] }
Note that it returns an array of arrays. You may flatten them for testing:
its('data_disks.flatten.sort') { should eq ['MyDisk1', 'MyDisk2'] }
Gives a list of all the virtual machine names in the resource group.
its('vm_names') { should include('MyVm1', 'MyVm2') }
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
# Should not exist if no virtual machines are in the resource group
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup') do
it { should_not exist }
end
# Should exist if the filter returns a single virtual machine
describe azurerm_virtual_machines(resource_group: 'MyResourceGroup').where(platform: 'windows') do
it { should exist }
end
Your Service
Principal
must be setup with a contributor role on the subscription you wish to test.