inspec · sathish-progress · Sep 16, 2021 · Aug 5, 2021 · Aug 5, 2021 · Aug 5, 2021
@@ -160,6 +160,8 @@ The following is a list of static resources.
 - [azure_management_groups](docs/resources/azure_management_groups.md)
 - [azure_mariadb_server](docs/resources/azure_mariadb_server.md)
 - [azure_mariadb_servers](docs/resources/azure_mariadb_servers.md)
+- [azure_migrate_assessment_project](docs/resources/azure_migrate_assessment_project.md)
+- [azure_migrate_assessment_projects](docs/resources/azure_migrate_assessment_projects.md)
 - [azure_monitor_activity_log_alert](docs/resources/azure_monitor_activity_log_alert.md)
 - [azure_monitor_activity_log_alerts](docs/resources/azure_monitor_activity_log_alerts.md)
 - [azure_monitor_log_profile](docs/resources/azure_monitor_log_profile.md)

diff --git a/docs/resources/azure_migrate_assessment_project.md b/docs/resources/azure_migrate_assessment_project.md
@@ -0,0 +1,102 @@
+---
+title: About the azure_migrate_assessment_project Resource
+platform: azure
+---
+
+# azure_migrate_assessment_project
+
+Use the `azure_migrate_assessment_project` InSpec audit resource to test the properties related to an Azure Migrate assessment project.
+
+## Azure REST API Version, Endpoint, and HTTP Client Parameters
+
+This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
+If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint and default values for the HTTP client is used. For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+`name` and `resource_group` are required parameters.
+
+```ruby
+describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: 'ASSESSMENT_PROJECT_NAME') do
+  it                                      { should exist }
+  its('name')                             { should cmp 'ASSESSMENT_PROJECT_NAME' }
+  its('type')                             { should cmp 'Microsoft.Migrate/assessmentprojects' }
+end
+```
+
+```ruby
+describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: 'ASSESSMENT_PROJECT_NAME') do
+  it  { should exist }
+end
+```
+
+## Parameters
+
+| Name           | Description                                                                      |
+|----------------|----------------------------------------------------------------------------------|
+| name           | Name of the Azure Migrate assessment Project to test.                            |
+| resource_group | Azure resource group that the targeted project resides in.                       |
+
+The parameter set should be provided for a valid query:
+
+- `resource_group` and `name`.
+
+## Properties
+
+| Property                      | Description                                                      |
+|-------------------------------|------------------------------------------------------------------|
+| id                            | Path reference to the project.                                   |
+| name                          | Name of the project.                                             |
+| type                          | Type of the object.                                              |
+| eTag                          | For optimistic concurrency control.                              |
+| properties                    | Properties of the project.                                       |
+| location                      | Azure location in which project is created.                      |
+| properties.assessmentSolutionId | Assessment solution ARM id tracked by `Microsoft.Migrate/migrateProjects`.|
+| properties.customerStorageAccountArmId| The ARM ID of the storage account used for interactions when public access is disabled.|
+| properties.privateEndpointConnections | The list of private endpoint connections to the project. |
+| properties.numberOfMachines   | Number of machines in the project.                               |
+| tags                          | Tags provided by Azure Tagging service.                          |
+
+For properties applicable to all resources, such as `type`, `name`, `id`, and `properties`, refer to the [`azure_generic_resource`](azure_generic_resource.md#properties).
+
+Refer to the [Azure documentation](https://docs.microsoft.com/en-us/rest/api/migrate/assessment/projects/get) for other properties available. Access any attribute in the response by separating the key names with a period (`.`).
+
+## Examples
+
+### Test that the migrate assessment project has a minimum scaling factor
+
+```ruby
+describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: 'ASSESSMENT_PROJECT_NAME') do
+  its('properties.numberOfGroups') { should eq 2 }
+end
+```
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](/inspec/matchers/).
+
+### exists
+
+```ruby
+# If a Migrate Assessment Project is found, it will exist
+describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: 'ASSESSMENT_PROJECT_NAME') do
+  it { should exist }
+end
+
+# if Migrate Assessment Project is not found, it will not exist
+describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: 'ASSESSMENT_PROJECT_NAME') do
+  it { should_not exist }
+end
+```
+
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `contributor` role on the subscription you wish to test.
@@ -0,0 +1,102 @@
+---
+title: About the azure_migrate_assessment_projects Resource
+platform: azure
+---
+
+# azure_migrate_assessment_projects
+
+Use the `azure_migrate_assessment_projects` InSpec audit resource to test the properties related to all Azure Migrate assessment projects within a subscription.
+
+## Azure REST API Version, Endpoint, and HTTP Client Parameters
+
+This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
+If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint and default values for the HTTP client are used. For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_migrate_assessment_projects` resource block returns all Azure Migrate projects within a subscription.
+
+```ruby
+describe azure_migrate_assessment_projects do
+  #...
+end
+```
+
+## Properties
+
+|Property                        | Description                                                            | Filter Criteria<superscript>*</superscript> |
+|--------------------------------|------------------------------------------------------------------------|------------------|
+| ids                            | Path reference to the projects.                                        | `id`             |
+| names                          | Name of the projects.                                                  | `name`           |
+| types                          | Type of the project.                                                   | `type`           |
+| eTags                          | A list of eTags for all the assessments.                               | `eTag`           |
+| locations                      | Azure locations in which project is created.                           | `location`       |
+| tags                           | A list of Tags provided by Azure Tagging service.                      | `tags`           |
+| properties                     | A list of Properties for all the projects.                             | `properties`     |
+| assessmentSolutionIds          | Assessment solution ARM ids tracked by `Microsoft.Migrate/migrateProjects`.| `assessmentSolutionId`  |
+| createdTimestamps              | Times when this project was created. Date-Time represented in ISO-8601 format.| `createdTimestamp`|
+| customerStorageAccountArmIds   | The ARM ids of the storage account used for interactions when public access is disabled.| `customerStorageAccountArmId` |
+| customerWorkspaceIds           | The ARM ids of service map workspace created by customer.              | `customerWorkspaceId` |
+| customerWorkspaceLocations     | Locations of service map workspace created by customer.                | `customerWorkspaceLocation`|
+| lastAssessmentTimestamps       | Times when last assessment is created.                                 | `lastAssessmentTimestamp` |
+| numberOfAssessments            | Number of assessments created in the project.                          | `numberOfAssessments`|
+| numberOfGroups                 | Number of groups created in all the projects.                          | `numberOfGroups`  |
+| numberOfMachines               | Number of machines in all the projects.                                | `numberOfMachines`|
+| privateEndpointConnections     | The list of private endpoint connections to the projects.              | `privateEndpointConnections` |
+| projectStatuses                | Assessment project statuses.                                           | `projectStatus`   |
+| provisioningStates             | Provisioning states of all the projects.                               | `provisioningState`|
+| publicNetworkAccesses          | Public Network Access for all the projects.                            | `publicNetworkAccess`|
+| serviceEndpoints               | Service Endpoints of all the projects.                                 | `serviceEndpoint` |
+| updatedTimestamps              | Times when this project is last updated.                               | `updatedTimestamp`|
+
+<superscript>*</superscript> For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md).
+
+## Examples
+
+### Loop through migrate assessment projects by their names
+
+```ruby
+azure_migrate_assessment_projects.names.each do |name|
+  describe azure_migrate_assessment_project(resource_group: 'RESOURCE_GROUP', name: name) do
+    it { should exist }
+  end
+end
+```
+
+### Test to ensure that migrate assessment projects in West Europe location
+
+```ruby
+describe azure_migrate_assessment_projects.where(location: 'westeurope') do
+  it { should exist }
+end
+```
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+```ruby
+# Should not exist if no Migrate Assessment Projects are present in the subscription
+describe azure_migrate_assessment_projects do
+  it { should_not exist }
+end
+
+# Should exist if the filter returns at least one Migrate Assessment Projects in the subscription
+describe azure_migrate_assessment_projects do
+  it { should exist }
+end
+```
+
+## Azure Permissions
+
+Your [Service Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal) must be set up with a `contributor` role on the subscription you wish to test.
@@ -0,0 +1,22 @@
+require 'azure_generic_resource'
+
+class AzureMigrateAssessmentProject < AzureGenericResource
+  name 'azure_migrate_assessment_project'
+  desc 'Retrieves and verifies the settings of a Azure Migrate Assessment Project'
+  example <<-EXAMPLE
+    describe azure_migrate_assessment(resource_group: 'migrated_vms', name: 'zoneA_migrate_assessment_project') do
+      it { should exist }
+    end
+  EXAMPLE
+
+  def initialize(opts = {})
+    raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+    opts[:resource_provider] = specific_resource_constraint('Microsoft.Migrate/assessmentProjects', opts)
+    super(opts, true)
+  end
+
+  def to_s
+    super(AzureMigrateAssessmentProject)
+  end
+end
@@ -0,0 +1,33 @@
+require 'azure_generic_resources'
+
+class AzureMigrateAssessmentProjects < AzureGenericResources
+  name 'azure_migrate_assessment_projects'
+  desc 'Verifies settings for a collection of Azure Migrate Assessment Projects in a subscription'
+  example <<-EXAMPLE
+    describe azure_migrate_assessment_projects do
+        it { should exist }
+    end
+  EXAMPLE
+
+  def initialize(opts = {})
+    raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+    opts[:resource_provider] = specific_resource_constraint('Microsoft.Migrate/assessmentProjects', opts)
+    super(opts, true)
+    return if failed_resource?
+
+    populate_filter_table_from_response
+  end
+
+  def to_s
+    super(AzureMigrateAssessmentProjects)
+  end
+
+  private
+
+  def populate_table
+    @resources.each do |resource|
+      @table << resource.merge(resource[:properties])
+    end
+  end
+end
@@ -0,0 +1,17 @@
+location = input(:location, value: '')
+resource_group = input(:resource_group, value: '')
+project_name = input(:inspec_migrate_project_name, value: '')
+
+control 'Verifies the settings of a Azure Migrate Assessment Project' do
+  describe azure_migrate_assessment_project(resource_group: resource_group, name: project_name) do
+    it { should exist }
+    its('location') { should eq location }
+    its('publicNetworkAccess') { should eq 'Enabled' }
+    its('numberOfGroups') { should eq '1' }
+    its('numberOfMachines') { should eq 10 }
+    its('numberOfImportMachines') { should eq 10 }
+    its('numberOfAssessments') { should eq 2 }
+    its('projectStatus') { should eq 'Active' }
+    its('provisioningState') { should eq 'Succeeded' }
+  end
+end
@@ -0,0 +1,15 @@
+location = input(:location, value: '')
+
+control 'Verifies settings for a collection of Azure Migrate Assessment Projects' do
+  describe azure_migrate_assessment_projects do
+    it { should exist }
+    its('locations') { should include location }
+    its('publicNetworkAccesses') { should include 'Enabled' }
+    its('numberOfGroups') { should include '1' }
+    its('numberOfMachines') { should include 10 }
+    its('numberOfImportMachines') { should include 10 }
+    its('numberOfAssessments') { should include 2 }
+    its('projectStatuses') { should include 'Active' }
+    its('provisioningStates') { should include 'Succeeded' }
+  end
+end
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_migrate_assessment_project'
+
+class AzureMigrateAssessmentProjectConstructorTest < Minitest::Test
+  def test_empty_param_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProject.new }
+  end
+
+  # resource_provider should not be allowed.
+  def test_resource_provider_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProject.new(resource_provider: 'some_type') }
+  end
+
+  def test_name_alone_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProject.new(name: 'my-name') }
+  end
+end
@@ -0,0 +1,21 @@
+require_relative 'helper'
+require 'azure_migrate_assessment_projects'
+
+class AzureMigrateAssessmentProjectsConstructorTest < Minitest::Test
+  # resource_type should not be allowed.
+  def test_resource_type_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProjects.new(resource_provider: 'some_type') }
+  end
+
+  def tag_value_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProjects.new(tag_value: 'some_tag_value') }
+  end
+
+  def tag_name_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProjects.new(tag_name: 'some_tag_name') }
+  end
+
+  def test_name_not_ok
+    assert_raises(ArgumentError) { AzureMigrateAssessmentProjects.new(name: 'some_name') }
+  end
+end