Skip to content

Commit

Permalink
Merge pull request #420 from inspec/f/express_circuit_route
Browse files Browse the repository at this point in the history 
F/express circuit route
  • Loading branch information
@sa-progress
sa-progress authored Aug 24, 2021
2 parents 67c1c3e + 345c212 commit 9e2ff52
Show file tree
Hide file tree
Showing 12 changed files with 668 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,8 @@ The following is a list of static resources.
- [azure_event_hub_event_hub](docs/resources/azure_event_hub_event_hub.md)
- [azure_event_hub_namespace](docs/resources/azure_event_hub_namespace.md)
- [azure_express_route_providers](docs/resources/azure_express_route_providers.md)
- [azure_express_route_circuit](docs/resources/azure_express_route_circuit.md)
- [azure_express_route_circuits](docs/resources/azure_express_route_circuits.md)
- [azure_generic_resource](docs/resources/azure_generic_resource.md)
- [azure_generic_resources](docs/resources/azure_generic_resources.md)
- [azure_graph_generic_resource](docs/resources/azure_graph_generic_resource.md)
Expand Down
125 changes: 125 additions & 0 deletions docs/resources/azure_express_route_circuit.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,125 @@
---
title: About the azure_express_route_circuit Resource
platform: azure
---

# azure_express_route_circuit

Use the `azure_express_route_circuit` InSpec audit resource to test properties of an Azure ExpressRoute circuit resource.

## Azure REST API Version, Endpoint, and HTTP Client Parameters

This resource interacts with API versions supported by the resource provider.
The `api_version` can be defined as a resource parameter.
If not provided, the latest version will be used.
For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).

Unless defined, `azure_cloud` global endpoint, and default values for the HTTP client will be used.
For more information, refer to the resource pack [README](../../README.md).

## Availability

### Installation

This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).

## Syntax

This resource requires the `resource_group` and ExpressRoute circuit `circuit_name` parameters, or the `resource_id` parameter for a valid query.

```ruby
describe azure_express_route_circuit(resource_group: 'RESOURCE_GROUP', circuit_name: 'EXPRESS_CIRCUIT_NAME') do
it { should exist }
end
```

or

```ruby
describe azure_express_route_circuit(resource_id: 'RESOURCE_ID') do
it { should exist }
end
```

## Parameters

| Name | Description |
|--------------------------------|----------------------------------------------------------------------------------|
| resource_group | The Azure resource group that the targeted resource resides in. |
| circuit_name | The name of the ExpressRoute circuit. |
| resource_id | The resource ID of the ExpressRoute circuit. |

Provide the `resource_group` and `name` parameters, or the `resource_id` for a valid query.

## Properties

| Name | Description |
|--------------------------------|------------------------------------------------------------------------------------|
| resource_group | The name of the resource group that the ExpressRoute circuit resource resides in. |
| name | The name of the ExpressRoute circuit. |
| type | The ExpressRoute circuit type. |
| provisioning_state | The provisioning state of ExpressRoute circuit resource. |
| location | The location of the ExpressRoute circuit resource. |
| service_provider_properties_bandwidth_in_mbps | The bandwidth in Mbps of the circuit when the circuit is provisioned on an ExpressRoutePort resource. |
| service_provider_properties_peering_location | The ExpressRoute circuit resource service provider peering location. |
| service_provider_properties_name | The name of the ExpressRoute circuit service provider name. |
| service_provider_provisioning_state | The service provider provisioning state of the ExpressRoute circuit resource. Possible values are, `NotProvisioned`, `Provisioning`, `Provisioned`, and `Deprovisioning`. |
| service_key | The ServiceKey. |
| stag | The identifier of the circuit traffic. Outer tag for QinQ encapsulation. |
| global_reach_enabled | Flag denoting global reach status. `boolean` |
| allow_global_reach | Flag to enable Global Reach on the ExpressRoute circuit. `boolean` |
| gateway_manager_etag | The GatewayManager Etag. |
| allow_classic_operations | Whether "Allow Classic Operations" is set to `true` or `false`. |
| circuit_provisioning_state | The CircuitProvisioningState state of the resource. |
| sku_name | The name of the SKU. |
| sku_tier | The tier of the SKU. Possible values are `Basic`, `Local`, `Standard`, or `Premium`. |
| sku_family | The family of the SKU. Possible values are: `UnlimitedData` and `MeteredData`. |

Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/expressroute/express-route-circuits/get) for other properties available.
Any attribute in the response may be accessed with the key names separated by dots (`.`).

## Examples

### Test the an ExpressRoute circuit resource has the correct type

```ruby
describe azure_express_route_circuit(resource_group: 'RESOURCE_GROUP', circuit_name: 'EXPRESS_CIRCUIT_NAME') do
its('type') { should eq 'Microsoft.Network/expressRouteCircuits' }
end
```
### Test the an ExpressRoute circuit resource is in successful state

```ruby
describe azure_express_route_circuit(resource_group: 'RESOURCE_GROUP', circuit_name: 'EXPRESS_CIRCUIT_NAME') do
its('provisioning_state') { should eq 'Succeeded' }
end
```

### Test the location of an ExpressRoute circuit resource

```ruby
describe azure_express_route_circuit(resource_group: 'RESOURCE_GROUP', circuit_name: 'EXPRESS_CIRCUIT_NAME') do
its('location') { should eq 'RESOURCE_LOCATION' }
end
```
## Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/).
### exists

```ruby
# If a express circuit resource is found it will exist
describe azure_express_route_circuit(resource_group: 'MyResourceGroup', circuit_name: 'mycircuit_name') do
it { should exist }
end

# express circuit resources that aren't found will not exist
describe azure_express_route_circuit(resource_group: 'MyResourceGroup', circuit_name: 'DoesNotExist') do
it { should_not exist }
end
```

## Azure Permissions

Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
106 changes: 106 additions & 0 deletions docs/resources/azure_express_route_circuits.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
---
title: About the azure_express_route_circuits Resource
platform: azure
---

# azure_express_route_circuits

Use the `azure_express_route_circuits` InSpec audit resource to test properties of Azure ExpressRoute circuits for a resource group.

## Azure Rest API Version, Endpoint, And HTTP Client Parameters

This resource interacts with API versions supported by the resource provider.
The `api_version` can be defined as a resource parameter.
If not provided, the latest version will be used.
For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).

Unless defined, `azure_cloud` global endpoint, and default values for the HTTP client will be used.
For more information, refer to the resource pack [README](../../README.md).

## Availability

### Installation

This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure).
For an example `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).

Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/expressroute/express-route-circuits/list) for the available properties.
Any attribute in the response may be accessed with the key names separated by dots (`.`).

## Syntax

An `azure_express_route_circuits` resource block returns all Azure ExpressRoute circuits within a resource group.

```ruby
describe azure_express_route_circuits(resource_group: 'RESOURCE_GROUP') do
#...
end
```
## Parameters

|Property | Description |
|----------------|--------------------------------------------------------------------------------------|
| resource_group | The Azure resource group that the targeted resources reside in. |

## Properties

|Property | Description | Filter Criteria<superscript>*</superscript> |
|---------------|--------------------------------------------------------------------------------------|-----------------|
| names | A list of name the resource group in which to create the ExpressRoute circuit. | `name` |
| ids | A list of the ExpressRoute circuit IDs. | `id` |
| tags | A list of `tag:value` pairs of the ExpressRoute circuit resources. | `tags` |
| provisioning_states | The provisioning states of the ExpressRoute circuit resources. | `provisioning_state` |
| types | The types of all the ExpressRoute circuit resources. | `type` |
| locations | The locations of the ExpressRoute circuit resources. | `location` |
| service_provider_bandwidth_in_mbps | A list of the bandwidths in Mbps of the circuits when a circuit is provisioned on an ExpressRoutePort resource. | `service_provider_bandwidth_in_mbps` |
| service_provider_peering_locations | A list of The name of the peering location and not the Azure resource location. | `service_provider_peering_location` |
| service_provider_names | The name of the ExpressRoute Service Provider. | `service_provider_name` |
| service_keys | The ServiceKeys of the ExpressRoute circuit resources. | `service_key` |
| stags | The identifiers of the circuit traffic. Outer tag for QinQ encapsulation. | `stag` |
| global_reach_enabled | A list of The ExpressRoute circuit allowGlobalReachEnable | `global_reach_enabled` |
| gateway_manager_etags | A list of The GatewayManager Etags in the ExpressRoute circuit resources. | `gateway_manager_etag` |
| allow_classic_operations | A list of indicating whether "Allow Classic Operations" in the ExpressRoute circuit resources is set to `true` or `false`. | `allow_classic_operation`|
| circuit_provisioning_states | A list of State of express circuitHostName creation. Valid values are: `Enabled` or `Disabled`. | `circuit_provisioning_state` |
| sku_names | A list of the SKU names of the ExpressRoute circuits. | `sku_name` |
| sku_tiers | A list of the SKU tiers of the ExpressRoute circuits. Possible values are `Basic`, `Local`, `Standard`, or `Premium`. | `sku_tier` |
| sku_family | A list of the SKU families of the ExpressRoute circuits. Possible values are: `UnlimitedData` and `MeteredData`. | `sku_family` |

<superscript>*</superscript> For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md).

## Examples

### Ensure that an ExpressRoute circuit has a `Succeeded` provisioning state

```ruby
describe azure_express_route_circuits(resource_group: 'RESOURCE_GROUP') do
its('provisioning_states') { should include 'Succeeded' }
end
```

### Test than an ExpressRoute circuit has a specific location

```ruby
describe azure_express_route_circuits(resource_group: 'RESOURCE_GROUP') do
its('location') { should include 'EXPRESS_ROUTE_CIRCUIT_LOCATION' }
end
```

## Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).

### exists

```ruby
# Should exist if express_route_circuits are in the resource group
describe azure_express_route_circuits(resource_group: 'RESOURCE_GROUP') do
it { should exist }
end
# Should not exist if no express_route_circuits are in the resource group
describe azure_express_route_circuits(resource_group: 'RESOURCE_GROUP') do
it { should_not exist }
end
```
## Azure Permissions

Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be setup with a `contributor` role on the subscription you wish to test.
112 changes: 112 additions & 0 deletions libraries/azure_express_route_circuit.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
require 'azure_generic_resource'

class AzureExpressRouteCircuit < AzureGenericResource
name 'azure_express_route_circuit'
desc 'ExpressRoute circuit connect your on-premises infrastructure to Microsoft through a connectivity provider'
example <<-EXAMPLE
describe azure_express_route_circuit(resource_group: 'example', circuit_name: 'circuitName') do
it { should exist }
end
EXAMPLE

def initialize(opts = {})
# Options should be Hash type. Otherwise Ruby will raise an error when we try to access the keys.
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

# Azure REST API endpoint URL format for the resource:
# GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/
# providers/Microsoft.Network/expressRouteCircuits/{circuitName}?api-version=2020-11-01
#
# The dynamic part that has to be created in this resource:
# Microsoft.Network/expressRouteCircuits/{circuitName}?api-version=2019-12-01
#
# Parameters acquired from environment variables:
# - {subscriptionId} => Required parameter. It will be acquired by the backend from environment variables.
#
# User supplied parameters:
# - resource_group => Required parameter unless `resource_id` is provided. {resourceGroupName}
# - name => Required parameter unless `resource_id` is provided. ExpressRouteCircuit name. {vmName}
# - resource_id => Optional parameter. If exists, `resource_group` and `name` must not be provided.
# In the following format:
# /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/
# Microsoft.Network/expressRouteCircuits/{circuitName}
# - api_version => Optional parameter. The latest version will be used unless provided. api-version
#
# **`resource_group` and (resource) `name` or `resource_id` will be validated in the backend appropriately.
# We don't have to do anything here.
#
# Following resource parameters have to be defined here.
# - resource_provider => Microsoft.Network/expressRouteCircuits
# The `specific_resource_constraint` method will validate the user input
# not to accept a different `resource_provider`.
#
opts[:resource_provider] = specific_resource_constraint('Microsoft.Network/expressRouteCircuits', opts)
opts[:resource_identifiers] = %i(circuit_name)
# static_resource parameter must be true for setting the resource_provider in the backend.
super(opts, true)
end

def to_s
super(AzureExpressRouteCircuit)
end

def provisioning_state
properties.provisioningState if exists?
end

def sku_name
sku.name if exists?
end

def sku_tier
sku.tier if exists?
end

def sku_family
sku.family if exists?
end

def circuit_provisioning_state
properties.circuitProvisioningState if exists?
end

def allow_classic_operations
properties.allowClassicOperations if exists?
end

def gateway_manager_etag
properties.gatewayManagerEtag if exists?
end

def allow_global_reach
properties.allowGlobalReach if exists?
end

def global_reach_enabled
properties.globalReachEnabled if exists?
end

def stag
properties.stag if exists?
end

def service_key
properties.serviceKey if exists?
end

def service_provider_properties_name
properties.serviceProviderProperties.serviceProviderName if exists?
end

def service_provider_properties_peering_location
properties.serviceProviderProperties.peeringLocation if exists?
end

def service_provider_properties_bandwidth_in_mbps
properties.serviceProviderProperties.bandwidthInMbps if exists?
end

def service_provider_provisioning_state
properties.serviceProviderProperties.provisioningState if exists?
end
end
Loading

0 comments on commit 9e2ff52

Please sign in to comment.