inspec · soumyo13 · Mar 12, 2022 · Dec 13, 2021 · Dec 13, 2021 · Dec 13, 2021
@@ -410,6 +410,8 @@ The following is a list of static resources.
 - [azure_security_center_policies](docs/resources/azure_security_center_policies.md)
 - [azure_sentinel_alert_rule_template](docs/resources/azure_sentinel_alert_rule_template.md)
 - [azure_sentinel_alert_rule_templates](docs/resources/azure_sentinel_alert_rule_templates.md)
+- [azure_service_fabric_mesh_service](docs/resources/azure_service_fabric_mesh_service.md)
+- [azure_service_fabric_mesh_services](docs/resources/azure_service_fabric_mesh_services.md)
 - [azure_service_fabric_mesh_replica](docs/resources/azure_service_fabric_mesh_replica.md)
 - [azure_service_fabric_mesh_replicas](docs/resources/azure_service_fabric_mesh_replicas.md)
 - [azure_service_fabric_mesh_volume](docs/resources/azure_service_fabric_mesh_volume.md)

@@ -0,0 +1,105 @@
++++
+title = "azure_service_fabric_mesh_service Resource"
+platform = "azure"
+draft = false
+gh_repo = "inspec-azure"
+
+[menu.inspec]
+title = "azure_service_fabric_mesh_service"
+identifier = "inspec/resources/azure/azure_service_fabric_mesh_service Resource"
+parent = "inspec/resources/azure"
++++
+
+Use the `azure_service_fabric_mesh_service` InSpec audit resource to test properties of an Azure Service Fabric Mesh service.
+
+## Azure REST API Version, Endpoint, and HTTP Client Parameters
+
+{{% inspec_azure_common_parameters %}}
+
+## Installation
+
+{{% inspec_azure_install %}}
+
+## Syntax
+
+```ruby
+describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
+  it                                      { should exist }
+  its('type')                             { should eq 'Microsoft.ServiceFabricMesh/applications' }
+end
+```
+
+```ruby
+describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
+  it  { should exist }
+end
+```
+
+## Parameters
+
+`name` _(required)_
+: Name of the Azure Service Fabric Mesh service to test.
+
+`resource_group` _(required)_
+: Azure resource group that the targeted resource resides in.
+
+## Properties
+
+`id`
+: Resource Id.
+
+`name`
+: Resource name.
+
+`type`
+: Resource type. `Microsoft.ServiceFabricMesh/services`.
+
+`properties`
+: The properties of the SERVICE FABRIC MESH SERVICE.
+
+`properties.osType`
+: The Operating system type required by the code in service.
+
+`properties.replicaCount`
+: The number of replicas of the service to create. Defaults to 1 if not specified.
+
+`properties.healthState`
+: Describes the health state of an services resource.
+
+
+For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`]({{< relref "azure_generic_resource.md#properties" >}}).
+
+Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/servicefabric/sfmeshrp-api-service_get) for other properties available.
+
+## Examples
+
+**Test that the SERVICE FABRIC MESH SERVICE is healthy.**
+
+```ruby
+describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
+  its('properties.healthState') { should eq 'Ok' }
+end
+```
+
+## Matchers
+
+{{% inspec_matchers_link %}}
+
+### exists
+
+```ruby
+# If a SERVICE FABRIC MESH SERVICE is found it will exist
+
+describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
+  it { should exist }
+end
+# if SERVICE FABRIC MESH SERVICE is not found it will not exist
+
+describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
+  it { should_not exist }
+end
+```
+
+## Azure Permissions
+
+{{% azure_permissions_service_principal role="reader" %}}
@@ -0,0 +1,118 @@
++++
+title = "azure_service_fabric_mesh_services Resource"
+platform = "azure"
+draft = false
+gh_repo = "inspec-azure"
+
+[menu.inspec]
+title = "azure_service_fabric_mesh_services"
+identifier = "inspec/resources/azure/azure_service_fabric_mesh_services Resource"
+parent = "inspec/resources/azure"
++++
+
+Use the `azure_service_fabric_mesh_services` InSpec audit resource to test properties of all Azure service Fabric Mesh services within a project.
+
+## Azure REST API Version, Endpoint, and HTTP Client Parameters
+
+{{% inspec_azure_common_parameters %}}
+
+## Installation
+
+{{% inspec_azure_install %}}
+
+## Syntax
+
+An `azure_service_fabric_mesh_services` resource block returns all Azure service Fabric Mesh services within a project.
+
+```ruby
+describe azure_service_fabric_mesh_services do
+  #...
+end
+```
+
+## Parameters
+
+`resource_group` _(optional)_
+: Azure resource group that the targeted resource resides in.
+
+## Properties
+
+`ids`
+: A list of resource IDs.
+
+: **Field**: `id`
+
+`names`
+: A list of resource Names.
+
+: **Field**: `name`
+
+`types`
+: A list of the resource types.
+
+: **Field**: `type`
+
+`properties`
+: A list of Properties for all the service Fabric Mesh services.
+
+: **Field**: `properties`
+
+`osTypes`
+: The Operating system type required by the code in services.
+
+: **Field**: `replicaCount`
+
+`replicaCounts`
+: The number of replicas of the service to create. Defaults to 1 if not specified.
+
+: **Field**: `metricId`
+
+`healthStates`
+: health state of an services resource.
+
+: **Field**: `healthState`
+
+{{% inspec_filter_table %}}
+
+## Examples
+
+**Loop through service Fabric Mesh services by their names.**
+
+```ruby
+azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP').names.each do |name|
+  describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: name) do
+    it { should exist }
+  end
+end
+```
+
+**Test that there are service Fabric Mesh services that are healthy.**
+
+```ruby
+describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP').where(replicaCounts: 2) do
+  it { should exist }
+end
+```
+
+## Matchers
+
+{{% inspec_matchers_link %}}
+
+### exists
+
+```ruby
+# Should not exist if no service Fabric Mesh services are present
+
+describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP') do
+  it { should_not exist }
+end
+# Should exist if the filter returns at least one service Fabric Mesh services
+
+describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP') do
+  it { should exist }
+end
+```
+
+## Azure Permissions
+
+{{% azure_permissions_service_principal role="reader" %}}
@@ -0,0 +1,23 @@
+require 'azure_generic_resource'
+
+class AzureServiceFabricMeshService < AzureGenericResource
+  name 'azure_service_fabric_mesh_service'
+  desc 'Retrieves and verifies the settings of an Azure Service Fabric Mesh Service.'
+  example <<-EXAMPLE
+    describe azure_service_fabric_mesh_service(application_name: 'fabric-svc', name: 'svc') do
+      it { should exist }
+    end
+  EXAMPLE
+
+  def initialize(opts = {})
+    raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+    opts[:resource_provider] = specific_resource_constraint('Microsoft.ServiceFabricMesh/applications', opts)
+    opts[:resource_path] = [opts[:application_name], 'services'].join('/')
+    super(opts, true)
+  end
+
+  def to_s
+    super(AzureServiceFabricMeshService)
+  end
+end
@@ -0,0 +1,35 @@
+require 'azure_generic_resources'
+
+class AzureServiceFabricMeshServices < AzureGenericResources
+  name 'azure_service_fabric_mesh_services'
+  desc 'Verifies settings for a collection of Azure Service Fabric Mesh Services'
+  example <<-EXAMPLE
+    describe azure_service_fabric_mesh_services(application_name: 'fabric-svc') do
+        it { should exist }
+    end
+  EXAMPLE
+
+  def initialize(opts = {})
+    raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)
+
+    opts[:resource_provider] = specific_resource_constraint('Microsoft.ServiceFabricMesh/applications', opts)
+    opts[:resource_path] = [opts[:application_name], 'services'].join('/')
+    super(opts, true)
+    return if failed_resource?
+
+    populate_filter_table_from_response
+  end
+
+  def to_s
+    super(AzureServiceFabricMeshServices)
+  end
+
+  private
+
+  def populate_table
+    @resources.each do |resource|
+      resource = resource.merge(resource[:properties])
+      @table << resource.merge(resource[:codePackages]).merge(resource[:networkRefs])
+    end
+  end
+end
@@ -0,0 +1,11 @@
+resource_group = input(:resource_group, value: '')
+
+control 'test the properties of an Azure Service Fabric Mesh Service' do
+  describe azure_service_fabric_mesh_service(resource_group: resource_group, name: 'fabric-svc') do
+    it { should exist }
+    its('name') { should eq 'fabric-svc' }
+    its('replicaCount') { should eq '2' }
+    its('type') { should eq 'Microsoft.ServiceFabricMesh/services' }
+    its('healthState') { should eq 'Ok' }
+  end
+end
@@ -0,0 +1,11 @@
+resource_group = input(:resource_group, value: '')
+
+control 'test the properties of all Azure Service Fabric Mesh Services' do
+  describe azure_service_fabric_mesh_services(resource_group: resource_group) do
+    it { should exist }
+    its('names') { should include 'fabric-svc' }
+    its('replicaCounts') { should include '2' }
+    its('types') { should include 'Microsoft.ServiceFabricMesh/services' }
+    its('healthStates') { should include 'Ok' }
+  end
+end
@@ -0,0 +1,17 @@
+require_relative 'helper'
+require 'azure_service_fabric_mesh_service'
+
+class AzureServiceFabricMeshServiceConstructorTest < Minitest::Test
+  def test_empty_param_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshService.new }
+  end
+
+  # resource_provider should not be allowed.
+  def test_resource_provider_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshService.new(resource_provider: 'some_type') }
+  end
+
+  def test_resource_group_name_alone_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshService.new(resource_group: 'test') }
+  end
+end
@@ -0,0 +1,21 @@
+require_relative 'helper'
+require 'azure_service_fabric_mesh_services'
+
+class AzureServiceFabricMeshServicesConstructorTest < Minitest::Test
+  # resource_type should not be allowed.
+  def test_resource_type_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(resource_provider: 'some_type') }
+  end
+
+  def tag_value_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(tag_value: 'some_tag_value') }
+  end
+
+  def tag_name_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(tag_name: 'some_tag_name') }
+  end
+
+  def test_name_not_ok
+    assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(name: 'some_name') }
+  end
+end