RESOURCE-150 Support power bi capacities

README.md

@@ -116,6 +116,7 @@ With the generic resources:
 - Azure cloud resources that this resource pack does not include a static InSpec resource for can be tested.
 - Azure resources from different resource providers and resource groups can be tested at the same time.
 - Server side filtering can be used for more efficient tests.
+<<<<<<< HEAD
 
 The following is a list of static resources.
 
@@ -269,6 +270,151 @@ The following is a list of static resources.
 - [azure_web_app_functions](https://docs.chef.io/inspec/resources/azure_web_app_functions/)
 - [azure_webapp](https://docs.chef.io/inspec/resources/azure_webapp/)
 - [azure_webapps](https://docs.chef.io/inspec/resources/azure_webapps/)
+=======
+
+The following is a list of static resources. 
+
+- [azure_active_directory_domain_service](docs/resources/azure_active_directory_domain_service.md)
+- [azure_active_directory_domain_services](docs/resources/azure_active_directory_domain_services.md)
+- [azure_aks_cluster](docs/resources/azure_aks_cluster.md)
+- [azure_aks_clusters](docs/resources/azure_aks_clusters.md)
+- [azure_api_management](docs/resources/azure_api_management.md)
+- [azure_api_managements](docs/resources/azure_api_managements.md)
+- [azure_application_gateway](docs/resources/azure_application_gateway.md)
+- [azure_application_gateways](docs/resources/azure_application_gateways.md)
+- [azure_bastion_hosts_resource](docs/resources/azure_bastion_hosts_resource.md)
+- [azure_bastion_hosts_resources](docs/resources/azure_bastion_hosts_resources.md)
+- [azure_container_group](docs/resources/azure_container_group.md)
+- [azure_container_groups](docs/resources/azure_container_groups.md)
+- [azure_container_registries](docs/resources/azure_container_registries.md)
+- [azure_container_registry](docs/resources/azure_container_registry.md)
+- [azure_cosmosdb_database_account](docs/resources/azure_cosmosdb_database_account.md)
+- [azure_data_factories](docs/resources/azure_data_factories.md)
+- [azure_data_factory](docs/resources/azure_data_factory.md)
+- [azure_data_factory_linked_service](docs/resources/azure_data_factory_linked_service.md)
+- [azure_data_factory_linked_services](docs/resources/azure_data_factory_linked_services.md)
+- [azure_db_migration_service](docs/resources/azure_db_migration_service.md)
+- [azure_db_migration_services](docs/resources/azure_db_migration_services.md)
+- [azure_ddos_protection_resource](docs/resources/azure_ddos_protection_resource.md)
+- [azure_ddos_protection_resources](docs/resources/azure_ddos_protection_resources.md)
+- [azure_dns_zones_resource](docs/resources/azure_dns_zones_resource.md)
+- [azure_dns_zones_resources](docs/resources/azure_dns_zones_resources.md)
+- [azure_event_hub_authorization_rule](docs/resources/azure_event_hub_authorization_rule.md)
+- [azure_event_hub_event_hub](docs/resources/azure_event_hub_event_hub.md)
+- [azure_event_hub_namespace](docs/resources/azure_event_hub_namespace.md)
+- [azure_express_route_providers](docs/resources/azure_express_route_providers.md)
+- [azure_express_route_circuit](docs/resources/azure_express_route_circuit.md)
+- [azure_express_route_circuits](docs/resources/azure_express_route_circuits.md)
+- [azure_generic_resource](docs/resources/azure_generic_resource.md)
+- [azure_generic_resources](docs/resources/azure_generic_resources.md)
+- [azure_graph_generic_resource](docs/resources/azure_graph_generic_resource.md)
+- [azure_graph_generic_resources](docs/resources/azure_graph_generic_resources.md)
+- [azure_graph_user](docs/resources/azure_graph_user.md)
+- [azure_graph_users](docs/resources/azure_graph_users.md)
+- [azure_hdinsight_cluster](docs/resources/azure_hdinsight_cluster.md)
+- [azure_iothub](docs/resources/azure_iothub.md)
+- [azure_iothub_event_hub_consumer_group](docs/resources/azure_iothub_event_hub_consumer_group.md)
+- [azure_iothub_event_hub_consumer_groups](docs/resources/azure_iothub_event_hub_consumer_groups.md)
+- [azure_key_vault](docs/resources/azure_key_vault.md)
+- [azure_key_vaults](docs/resources/azure_key_vaults.md)
+- [azure_key_vault_key](docs/resources/azure_key_vault_key.md)
+- [azure_key_vault_keys](docs/resources/azure_key_vault_keys.md)
+- [azure_key_vault_secret](docs/resources/azure_key_vault_secret.md)
+- [azure_key_vault_secrets](docs/resources/azure_key_vault_secrets.md)
+- [azure_load_balancer](docs/resources/azure_load_balancer.md)
+- [azure_load_balancers](docs/resources/azure_load_balancers.md)
+- [azure_lock](docs/resources/azure_lock.md)
+- [azure_locks](docs/resources/azure_locks.md)
+- [azure_management_group](docs/resources/azure_management_group.md)
+- [azure_management_groups](docs/resources/azure_management_groups.md)
+- [azure_mariadb_server](docs/resources/azure_mariadb_server.md)
+- [azure_mariadb_servers](docs/resources/azure_mariadb_servers.md)
+- [azure_migrate_assessment](docs/resources/azure_migrate_assessment.md)
+- [azure_migrate_assessments](docs/resources/azure_migrate_assessments.md)
+- [azure_migrate_assessment_project](docs/resources/azure_migrate_assessment_project.md)
+- [azure_migrate_assessment_projects](docs/resources/azure_migrate_assessment_projects.md)
+- [azure_migrate_assessment_group](docs/resources/azure_migrate_assessment_group.md)
+- [azure_migrate_assessment_groups](docs/resources/azure_migrate_assessment_groups.md)
+- [azure_migrate_project_database](docs/resources/azure_migrate_project_database.md)
+- [azure_migrate_project_databases](docs/resources/azure_migrate_project_databases.md)
+- [azure_migrate_project_event](docs/resources/azure_migrate_project_event.md)
+- [azure_migrate_project_events](docs/resources/azure_migrate_project_events.md)
+- [azure_migrate_project_machine](docs/resources/azure_migrate_project_machine.md)
+- [azure_migrate_project_machines](docs/resources/azure_migrate_project_machines.md)
+- [azure_migrate_project_solution](docs/resources/azure_migrate_project_solution.md)
+- [azure_migrate_project_solutions](docs/resources/azure_migrate_project_solutions.md)
+- [azure_monitor_activity_log_alert](docs/resources/azure_monitor_activity_log_alert.md)
+- [azure_monitor_activity_log_alerts](docs/resources/azure_monitor_activity_log_alerts.md)
+- [azure_monitor_log_profile](docs/resources/azure_monitor_log_profile.md)
+- [azure_monitor_log_profiles](docs/resources/azure_monitor_log_profiles.md)
+- [azure_mysql_database](docs/resources/azure_mysql_database.md)
+- [azure_mysql_databases](docs/resources/azure_mysql_databases.md)
+- [azure_mysql_server](docs/resources/azure_mysql_server.md)
+- [azure_mysql_servers](docs/resources/azure_mysql_servers.md)
+- [azure_network_interface](docs/resources/azure_network_interface.md)
+- [azure_network_interfaces](docs/resources/azure_network_interfaces.md)
+- [azure_network_security_group](docs/resources/azure_network_security_group.md)
+- [azure_network_security_groups](docs/resources/azure_network_security_groups.md)
+- [azure_network_watcher](docs/resources/azure_network_watcher.md)
+- [azure_network_watchers](docs/resources/azure_network_watchers.md)
+- [azure_policy_assignments](docs/resources/azure_policy_assignments.md)
+- [azure_policy_definition](docs/resources/azure_policy_definition.md)
+- [azure_policy_definitions](docs/resources/azure_policy_definitions.md)
+- [azure_policy_exemption](docs/resources/azure_policy_exemption.md)
+- [azure_policy_exemptions](docs/resources/azure_policy_exemptions.md)
+- [azure_policy_insights_query_result](docs/resources/azure_policy_insights_query_result.md)
+- [azure_policy_insights_query_results](docs/resources/azure_policy_insights_query_results.md)
+- [azure_postgresql_database](docs/resources/azure_postgresql_database.md)
+- [azure_postgresql_databases](docs/resources/azure_postgresql_databases.md)
+- [azure_postgresql_server](docs/resources/azure_postgresql_server.md)
+- [azure_postgresql_servers](docs/resources/azure_postgresql_servers.md)
+- [azure_power_bi_capacities](docs/resources/azure_power_bi_capacities.md)
+- [azure_public_ip](docs/resources/azure_public_ip.md)
+- [azure_redis_cache](docs/resources/azure_redis_cache.md)
+- [azure_redis_caches](docs/resources/azure_redis_caches.md)
+- [azure_resource_group](docs/resources/azure_resource_group.md)
+- [azure_resource_groups](docs/resources/azure_resource_groups.md)
+- [azure_resource_health_availability_status](docs/resources/azure_resource_health_availability_status.md)
+- [azure_resource_health_availability_statuses](docs/resources/azure_resource_health_availability_statuses.md)
+- [azure_resource_health_emerging_issue](docs/resources/azure_resource_health_emerging_issue.md)
+- [azure_resource_health_emerging_issues](docs/resources/azure_resource_health_emerging_issues.md)
+- [azure_resource_health_events](docs/resources/azure_resource_health_events.md)
+- [azure_role_definition](docs/resources/azure_role_definition.md)
+- [azure_role_definitions](docs/resources/azure_role_definitions.md)
+- [azure_security_center_policy](docs/resources/azure_security_center_policy.md)
+- [azure_security_center_policies](docs/resources/azure_security_center_policies.md)
+- [azure_sql_database](docs/resources/azure_sql_database.md)
+- [azure_sql_databases](docs/resources/azure_sql_databases.md)
+- [azure_sql_server](docs/resources/azure_sql_server.md)
+- [azure_sql_servers](docs/resources/azure_sql_servers.md)
+- [azure_storage_account](docs/resources/azure_storage_account.md)
+- [azure_storage_accounts](docs/resources/azure_storage_accounts.md)
+- [azure_storage_account_blob_container](docs/resources/azure_storage_account_blob_container.md)
+- [azure_storage_account_blob_containers](docs/resources/azure_storage_account_blob_containers.md)
+- [azure_streaming_analytics_function](docs/resources/azure_streaming_analytics_function.md)
+- [azure_streaming_analytics_functions](docs/resources/azure_streaming_analytics_functions.md)
+- [azure_subnet](docs/resources/azure_subnet.md)
+- [azure_subnets](docs/resources/azure_subnets.md)
+- [azure_subscription](docs/resources/azure_subscription.md)
+- [azure_subscriptions](docs/resources/azure_subscriptions.md)
+- [azure_synapse_notebook](docs/resources/azure_synapse_notebook.md)
+- [azure_synapse_notebooks](docs/resources/azure_synapse_notebooks.md)
+- [azure_virtual_machine](docs/resources/azure_virtual_machine.md)
+- [azure_virtual_machines](docs/resources/azure_virtual_machines.md)
+- [azure_virtual_machine_disk](docs/resources/azure_virtual_machine_disk.md)
+- [azure_virtual_machine_disks](docs/resources/azure_virtual_machine_disks.md)
+- [azure_virtual_network](docs/resources/azure_virtual_network.md)
+- [azure_virtual_network_gateways](docs/resources/azure_virtual_network_gateways.md)
+- [azure_virtual_network_peering](docs/resources/azure_virtual_network_peering.md)
+- [azure_virtual_network_peerings](docs/resources/azure_virtual_network_peerings.md)
+- [azure_virtual_networks](docs/resources/azure_virtual_networks.md)
+- [azure_virtual_wan](docs/resources/azure_virtual_wan.md)
+- [azure_virtual_wans](docs/resources/azure_virtual_wans.md)
+- [azure_web_app_function](docs/resources/azure_web_app_function.md)
+- [azure_web_app_functions](docs/resources/azure_web_app_functions.md)
+- [azure_webapp](docs/resources/azure_webapp.md)
+- [azure_webapps](docs/resources/azure_webapps.md)
+>>>>>>> update readme for azure power bi capacities
 
 For more details and different use cases, please refer to the specific resource pages.
 

docs/resources/azure_power_bi_capacities.md

@@ -0,0 +1,87 @@
+---
+title: About the azure_power_bi_app_capacities Resource
+platform: azure
+---
+
+# azure_power_bi_app_capacities
+
+Use the `azure_power_bi_app_capacities` InSpec audit resource to test the properties related to all Azure Power BI capacities.
+
+## Azure REST API Version, Endpoint, and HTTP Client Parameters
+
+This resource interacts with API versions supported by the resource provider. The `api_version` is defined as a resource parameter.
+If not provided, the latest version is used. For more information, refer to [`azure_generic_resource`](azure_generic_resource.md).
+
+Unless defined, `azure_cloud` global endpoint and default values for the HTTP client is used. For more information, refer to the resource pack [README](../../README.md).
+
+## Availability
+
+### Installation
+
+This resource is available in the [InSpec Azure resource pack](https://github.com/inspec/inspec-azure). For an example, `inspec.yml` file and how to set up your Azure credentials, refer to resource pack [README](../../README.md#Service-Principal).
+
+## Syntax
+
+An `azure_power_bi_app_capacities` resource block returns all Azure Power BI capacities.
+
+```ruby
+describe azure_power_bi_app_capacities do
+  #...
+end
+```
+
+## Parameters
+
+This resource does not require any parameters.
+
+## Properties
+
+|Property                   | Description                                                            | Filter Criteria<superscript>*</superscript> |
+|---------------------------|------------------------------------------------------------------------|------------------|
+| ids                       | List of all Power BI capacity IDs.                                     | `id`             |
+| displayNames              | List of all the Power BI capacity names.                               | `displayName`    |
+| admins                    | An array of capacity admins.                                           | `admin`          |
+| skus                      | List of all capacity SKUs.                                             | `sku`            |
+| states                    | List of the capacity states.                                           | `state`          |
+| regions                   | List of the Azure regions where the capacity is provisioned.           | `region`         |
+| capacityUserAccessRights  | List of access rights user has on the capacity.                        | `capacityUserAccessRight`|
+
+<superscript>*</superscript> For information on how to use filter criteria on plural resources refer to [FilterTable usage](https://github.com/inspec/inspec/blob/master/dev-docs/filtertable-usage.md).
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/power-bi/capacities/get-capacities) for other properties available.
+
+## Examples
+
+### Test to ensure Power BI capacities are active
+
+```ruby
+describe azure_power_bi_app_capacities.where(state: 'Active') do
+  it { should exist }
+end
+```
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+Use `should` to test that the entity exists.
+
+```ruby
+describe azure_power_bi_app_capacities do
+  it { should exist }
+end
+```
+
+Use `should_not` to test that the entity does not exist.
+
+```ruby
+describe azure_power_bi_app_capacities do
+  it { should_not exist }
+end
+```
+
+## Azure Permissions
+
+This API does not support service principal authentication. Instead, use an Active Directory account access token to access this resource.
+Your Active Directory account must be set up with a `Capacity.Read.All` role on the Azure Power BI workspace that you wish to test.

libraries/azure_power_bi_capacities.rb

@@ -0,0 +1,31 @@
+require 'azure_generic_resources'
+
+class AzurePowerBICapacities < AzureGenericResources
+  name 'azure_power_bi_capacities'
+  desc 'Retrieves and verifies the settings of all Azure Power BI Capacities.'
+  example <<-EXAMPLE
+    describe azure_power_bi_capacities do
+      it { should exist }
+    end
+  EXAMPLE
+
+  AUDIENCE = 'https://analysis.windows.net/powerbi/api'.freeze
+
+  def initialize(opts = {})
+    raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+    opts[:resource_uri] = 'https://api.powerbi.com/v1.0/myorg/capacities'
+    opts[:audience] = AUDIENCE
+    opts[:add_subscription_id] = false
+    opts[:is_uri_a_url] = true
+    opts[:api_version] = 'v1.0'
+    super
+    return if failed_resource?
+
+    populate_filter_table_from_response
+  end
+
+  def to_s
+    super(AzurePowerBICapacities)
+  end
+end

test/integration/verify/controls/azure_power_bi_capacities.rb

@@ -0,0 +1,9 @@
+control 'Verify the settings of all Power BI App Capacities' do
+  describe azure_power_bi_app_capacities do
+    it { should exist }
+    its('skus') { should include 'A1' }
+    its('states') { should include 'Active' }
+    its('regions') { should include 'West Central US' }
+    its('capacityUserAccessRights') { should include 'Admin' }
+  end
+end

test/unit/resources/azure_power_bi_capacities_test.rb

@@ -0,0 +1,22 @@
+require_relative 'helper'
+require 'azure_power_bi_capacities'
+
+class AzurePowerBICapacitiesConstructorTest < Minitest::Test
+  # resource_type should not be allowed.
+
+  def test_resource_type_not_ok
+    assert_raises(ArgumentError) { AzurePowerBICapacities.new(resource_provider: 'some_type') }
+  end
+
+  def tag_value_not_ok
+    assert_raises(ArgumentError) { AzurePowerBICapacities.new(tag_value: 'some_tag_value') }
+  end
+
+  def tag_name_not_ok
+    assert_raises(ArgumentError) { AzurePowerBICapacities.new(tag_name: 'some_tag_name') }
+  end
+
+  def test_name_not_ok
+    assert_raises(ArgumentError) { AzurePowerBICapacities.new(name: 'some_name') }
+  end
+end