Skip to content

Latest commit

 

History

History
80 lines (61 loc) · 3.31 KB

azure_subnets.md

File metadata and controls

80 lines (61 loc) · 3.31 KB
Raw
title platform
About the azure_subnets Resource
azure

azure_subnets

Use the azure_subnets InSpec audit resource to test properties related to subnets of a virtual network.

Azure REST API version, endpoint and http client parameters

This resource interacts with api versions supported by the resource provider. The api_version can be defined as a resource parameter. If not provided, the latest version will be used. For more information, refer to azure_generic_resource.

Unless defined, azure_cloud global endpoint, and default values for the http client will be used. For more information, refer to the resource pack README.

Availability

Installation

This resource is available in the InSpec Azure resource pack. For an example inspec.yml file and how to set up your Azure credentials, refer to resource pack README.

Syntax

The resource_group and vnet must be given as a parameter.

describe azure_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
  #...
end

Parameters

Name Description
resource_group Azure resource group that the targeted resource resides in. MyResourceGroup
vnet The virtual network that the subnet that you wish to test is a part of.

Properties

Property Description Filter Criteria*
ids A list of the unique resource ids. id
names A list of all the resources being interrogated. name
etags A list of etags defined on the resources. etag

* For information on how to use filter criteria on plural resources refer to FilterTable usage.

Examples

Exists if Any Subnets Exist for a Given Virtual Network in the Resource Group

describe azure_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
  it { should exist }
end

Filters the Results to Only Those that Match the Given Name

describe azure_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName')
  .where(name: 'MySubnet') do
  it { should exist }
end

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.

exists

# Should not exist if no subnets are in the virtual network
describe azure_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
  it { should_not exist }
end

Azure Permissions

Your Service Principal must be setup with a contributor role on the subscription you wish to test.