Skip to content

Latest commit

 

History

History
143 lines (93 loc) · 3.93 KB

azurerm_application_gateways.md

File metadata and controls

143 lines (93 loc) · 3.93 KB
Raw
title platform
About the azurerm_application_gateways Resource
azure

WARNING This resource will be deprecated in InSpec Azure Resource Pack version 2. Please start using fully backward compatible azure_application_gateways InSpec audit resource.

azurerm_Load_balancers

Use the azurerm_application_gateways InSpec audit resource to test properties and configuration of Azure Application Gateways.

Azure REST API version

This resource interacts with version 2019-12-01 of the Azure Management API. For more information see the Official Azure Documentation.

At the moment, there doesn't appear to be a way to select the version of the Azure API docs. If you notice a newer version being referenced in the official documentation please open an issue or submit a pull request using the updated version.

Availability

Installation

This resource is available in the inspec-azure resource pack. To use it, add the following to your inspec.yml in your top-level profile:

depends:
  inspec-azure:
    git: https://github.com/inspec/inspec-azure.git

You'll also need to setup your Azure credentials; see the resource pack README.

Version

This resource first became available in 1.16.0 of the inspec-azure resource pack.

Syntax

An azurerm_application_gateways resource block returns all Azure Application Gateways, either within a Resource Group (if provided), or within an entire Subscription.

describe azurerm_application_gateways do
  ...
end

or

describe azurerm_application_gateways(resource_group: 'my-rg') do
  ...
end

Examples

The following examples show how to use this InSpec audit resource.

Check Application Gateways are present

describe azurerm_application_gateways do
  it            { should exist }
  its('names')  { should include 'my-appgw' }
end

Filter Criteria

  • names

names

Filters the results to include only those Application Gateways which match the given name. This is a string value.

describe azurerm_application_gateways.where{ name.eql?('production-appgw-5') } do
  it { should exist }
end
  • location

location

Filters the results to include only those Application Gateways which reside in a given location. This is a string value.

describe azurerm_application_gateways.where{ location.eql?('eastus') } do
  it { should exist }
end

Attributes

  • id
  • name
  • location
  • properties
  • type

ids

Azure resource ID.

names

Application Gateway name, e.g. my-appgw.

its('names') { should include 'my-appgw' }

SKU

SKU of Application Gateway. This is metadata used for the Azure portal experience.

locations

Resource location, e.g. eastus.

its('locations') { should_not include 'eastus' }

properties

A collection of additional configuration properties related to the Application Gateway, e.g. frontendIPConfigurations.

tag

Resource tags applied to the Application Gateway.

type

The type of Resource, typically Microsoft.Network/applicationGateways.

Matchers

This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.

exists

The control will pass if the filter returns at least one result. Use should_not if you expect zero matches.

describe azurerm_application_gateways do
  it { should exist }
end

Azure Permissions

Your Service Principal must be setup with a contributor role on the subscription you wish to test.