diff --git a/docs/resources/google_compute_regions.md b/docs/resources/google_compute_regions.md index 36dff5b1a..626a01a24 100644 --- a/docs/resources/google_compute_regions.md +++ b/docs/resources/google_compute_regions.md @@ -12,7 +12,7 @@ describe google_compute_regions(project: 'chef-gcp-inspec') do its('count') { should be >= 1 } its('region_names') { should include "#{gcp_location}" } its('region_statuses') { should_not include "DOWN" } - its('region_ids') { should include gcp_region_id } + its('region_ids') { should include "1290" } end ``` diff --git a/docs/resources/google_compute_subnetwork_iam_policy.md b/docs/resources/google_compute_subnetwork_iam_policy.md index 38aba9d0c..64da00441 100644 --- a/docs/resources/google_compute_subnetwork_iam_policy.md +++ b/docs/resources/google_compute_subnetwork_iam_policy.md @@ -35,6 +35,10 @@ Properties that can be accessed from the `google_compute_subnetwork_iam_policy` * `audit_log_configs`: The configuration for logging of each type of permission. + * `log_type`: The log type that this config enables. For example, ADMIN_READ, DATA_WRITE or DATA_READ + + * `exempted_members`: Specifies the identities that do not cause logging for this type of permission. + ## GCP Permissions diff --git a/docs/resources/google_container_regional_cluster.md b/docs/resources/google_container_regional_cluster.md index 163d98bea..fcfe55c94 100644 --- a/docs/resources/google_container_regional_cluster.md +++ b/docs/resources/google_container_regional_cluster.md @@ -98,6 +98,8 @@ Properties that can be accessed from the `google_container_regional_cluster` res * `horizontal_pod_autoscaling`: Configuration for the horizontal pod autoscaling feature, which increases or decreases the number of replica pods a replication controller has based on the resource usage of the existing pods. + * `kubernetes_dashboard`: Configuration for the Kubernetes Dashboard. This addon is deprecated, and will be disabled in 1.15. It is recommended to use the Cloud Console to manage and monitor your Kubernetes clusters, workloads and applications. + * `network_policy_config`: Configuration for NetworkPolicy. This only tracks whether the addon is enabled or not on the Master, it does not track whether network policy is enabled for the nodes. * `subnetwork`: The name of the Google Compute Engine subnetwork to which the cluster is connected. @@ -174,6 +176,12 @@ Properties that can be accessed from the `google_container_regional_cluster` res * `message`: Human-friendly representation of the condition + * `master_authorized_networks_config`: Configuration for controlling how IPs are allocated in the cluster + + * `enabled`: Whether or not master authorized networks is enabled. + + * `cidr_blocks`: Define up to 50 external networks that could access Kubernetes master through HTTPS. + * `location`: The location where the cluster is deployed diff --git a/docs/resources/google_container_regional_clusters.md b/docs/resources/google_container_regional_clusters.md index b1127be64..3917f4432 100644 --- a/docs/resources/google_container_regional_clusters.md +++ b/docs/resources/google_container_regional_clusters.md @@ -52,6 +52,7 @@ See [google_container_regional_cluster.md](google_container_regional_cluster.md) * `enable_tpus`: an array of `google_container_regional_cluster` enable_tpu * `tpu_ipv4_cidr_blocks`: an array of `google_container_regional_cluster` tpu_ipv4_cidr_block * `conditions`: an array of `google_container_regional_cluster` conditions + * `master_authorized_networks_configs`: an array of `google_container_regional_cluster` master_authorized_networks_config * `locations`: an array of `google_container_regional_cluster` location ## Filter Criteria diff --git a/docs/resources/google_pubsub_subscription_iam_policy.md b/docs/resources/google_pubsub_subscription_iam_policy.md index 35a192094..a403d34a4 100644 --- a/docs/resources/google_pubsub_subscription_iam_policy.md +++ b/docs/resources/google_pubsub_subscription_iam_policy.md @@ -35,6 +35,10 @@ Properties that can be accessed from the `google_pubsub_subscription_iam_policy` * `audit_log_configs`: The configuration for logging of each type of permission. + * `log_type`: The log type that this config enables. For example, ADMIN_READ, DATA_WRITE or DATA_READ + + * `exempted_members`: Specifies the identities that do not cause logging for this type of permission. + ## GCP Permissions diff --git a/docs/resources/google_pubsub_topic_iam_policy.md b/docs/resources/google_pubsub_topic_iam_policy.md index 1b9d839c8..36ec4bc25 100644 --- a/docs/resources/google_pubsub_topic_iam_policy.md +++ b/docs/resources/google_pubsub_topic_iam_policy.md @@ -35,6 +35,10 @@ Properties that can be accessed from the `google_pubsub_topic_iam_policy` resour * `audit_log_configs`: The configuration for logging of each type of permission. + * `log_type`: The log type that this config enables. For example, ADMIN_READ, DATA_WRITE or DATA_READ + + * `exempted_members`: Specifies the identities that do not cause logging for this type of permission. + ## GCP Permissions diff --git a/docs/resources/google_resourcemanager_project_iam_policy.md b/docs/resources/google_resourcemanager_project_iam_policy.md new file mode 100644 index 000000000..65970c3a0 --- /dev/null +++ b/docs/resources/google_resourcemanager_project_iam_policy.md @@ -0,0 +1,46 @@ +--- +title: About the google_resourcemanager_project_iam_policy resource +platform: gcp +--- + +## Syntax +A `google_resourcemanager_project_iam_policy` is used to test a Google Project Iam Policy resource + +## Examples +``` +describe google_resourcemanager_project_iam_policy(project_id: "projectId") do + it { should exist } +end + +google_resourcemanager_project_iam_policy(project_id: "projectId").bindings.each do |binding| + describe binding do + its('role') { should eq 'roles/editor'} + its('members') { should include 'user:testuser@example.com'} + end +end +``` + +## Properties +Properties that can be accessed from the `google_resourcemanager_project_iam_policy` resource: + + * `bindings`: Associates a list of members to a role. + + * `role`: Role that is assigned to members. For example, roles/viewer, roles/editor, or roles/owner. + + * `members`: Specifies the identities requesting access for a Cloud Platform resource. + + * `audit_configs`: Specifies cloud audit logging configuration for this policy. + + * `service`: Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. + + * `audit_log_configs`: The configuration for logging of each type of permission. + + * `log_type`: The log type that this config enables. For example, ADMIN_READ, DATA_WRITE or DATA_READ + + * `exempted_members`: Specifies the identities that do not cause logging for this type of permission. + + + +## GCP Permissions + +Ensure the [Cloud Resource Manager API](https://console.cloud.google.com/apis/library/cloudresourcemanager.googleapis.com/) is enabled for the current project. diff --git a/libraries/gcp_backend.rb b/libraries/gcp_backend.rb index 29dd6d88a..389f2b650 100644 --- a/libraries/gcp_backend.rb +++ b/libraries/gcp_backend.rb @@ -207,19 +207,20 @@ def fetch_auth Network::Authorization.new.from_application_default! end - def fetch(base_url, template, var_data) + def fetch(base_url, template, var_data, request_type = 'Get') get_request = Network::Base.new( build_uri(base_url, template, var_data), fetch_auth, + request_type, ) return_if_object get_request.send end - def fetch_all(base_url, template, var_data) - next_page(build_uri(base_url, template, var_data)) + def fetch_all(base_url, template, var_data, request_type = 'Get') + next_page(build_uri(base_url, template, var_data), request_type) end - def next_page(uri, token = nil) + def next_page(uri, request_type, token = nil) next_hash = {} next_hash['pageToken'] = token unless token.nil? current_params = Hash[URI.decode_www_form(uri.query || '')].merge(next_hash) @@ -227,12 +228,13 @@ def next_page(uri, token = nil) get_request = Network::Base.new( uri, fetch_auth, + request_type, ) result = JSON.parse(get_request.send.body) next_page_token = result['nextPageToken'] return [result] if next_page_token.nil? - [result] + next_page(uri, next_page_token) + [result] + next_page(uri, request_type, next_page_token) end def return_if_object(response) @@ -294,13 +296,14 @@ def expand_variables(template, var_data) # A handler for authenticated network request module Network class Base - def initialize(link, cred) + def initialize(link, cred, request_type) @link = link @cred = cred + @request_type = request_type end def builder - Net::HTTP.const_get('Get') + Net::HTTP.const_get(@request_type) end def send diff --git a/libraries/google/container/property/regionalcluster_addons_config.rb b/libraries/google/container/property/regionalcluster_addons_config.rb index 8d691cb0e..19f72e94b 100644 --- a/libraries/google/container/property/regionalcluster_addons_config.rb +++ b/libraries/google/container/property/regionalcluster_addons_config.rb @@ -15,6 +15,7 @@ # ---------------------------------------------------------------------------- require 'google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling' require 'google/container/property/regionalcluster_addons_config_http_load_balancing' +require 'google/container/property/regionalcluster_addons_config_kubernetes_dashboard' require 'google/container/property/regionalcluster_addons_config_network_policy_config' module GoogleInSpec module Container @@ -24,6 +25,8 @@ class RegionalClusterAddonsConfig attr_reader :horizontal_pod_autoscaling + attr_reader :kubernetes_dashboard + attr_reader :network_policy_config def initialize(args = nil, parent_identifier = nil) @@ -31,6 +34,7 @@ def initialize(args = nil, parent_identifier = nil) @parent_identifier = parent_identifier @http_load_balancing = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigHttpLoadBalancing.new(args['httpLoadBalancing'], to_s) @horizontal_pod_autoscaling = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigHorizontalPodAutoscaling.new(args['horizontalPodAutoscaling'], to_s) + @kubernetes_dashboard = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigKubernetesDashboard.new(args['kubernetesDashboard'], to_s) @network_policy_config = GoogleInSpec::Container::Property::RegionalClusterAddonsConfigNetworkPolicyConfig.new(args['networkPolicyConfig'], to_s) end diff --git a/libraries/google/container/property/regionalcluster_addons_config_kubernetes_dashboard.rb b/libraries/google/container/property/regionalcluster_addons_config_kubernetes_dashboard.rb new file mode 100644 index 000000000..af2ccd01c --- /dev/null +++ b/libraries/google/container/property/regionalcluster_addons_config_kubernetes_dashboard.rb @@ -0,0 +1,34 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterAddonsConfigKubernetesDashboard + attr_reader :disabled + + def initialize(args = nil, parent_identifier = nil) + return if args.nil? + @parent_identifier = parent_identifier + @disabled = args['disabled'] + end + + def to_s + "#{@parent_identifier} RegionalClusterAddonsConfigKubernetesDashboard" + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_master_authorized_networks_config.rb b/libraries/google/container/property/regionalcluster_master_authorized_networks_config.rb new file mode 100644 index 000000000..a84d0f462 --- /dev/null +++ b/libraries/google/container/property/regionalcluster_master_authorized_networks_config.rb @@ -0,0 +1,38 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks' +module GoogleInSpec + module Container + module Property + class RegionalClusterMasterAuthorizedNetworksConfig + attr_reader :enabled + + attr_reader :cidr_blocks + + def initialize(args = nil, parent_identifier = nil) + return if args.nil? + @parent_identifier = parent_identifier + @enabled = args['enabled'] + @cidr_blocks = GoogleInSpec::Container::Property::RegionalClusterMasterAuthorizedNetworksConfigCidrBlocksArray.parse(args['cidrBlocks'], to_s) + end + + def to_s + "#{@parent_identifier} RegionalClusterMasterAuthorizedNetworksConfig" + end + end + end + end +end diff --git a/libraries/google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks.rb b/libraries/google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks.rb new file mode 100644 index 000000000..56152446d --- /dev/null +++ b/libraries/google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +module GoogleInSpec + module Container + module Property + class RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks + attr_reader :display_name + + attr_reader :cidr_block + + def initialize(args = nil, parent_identifier = nil) + return if args.nil? + @parent_identifier = parent_identifier + @display_name = args['displayName'] + @cidr_block = args['cidrBlock'] + end + + def to_s + "#{@parent_identifier} RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks" + end + end + + class RegionalClusterMasterAuthorizedNetworksConfigCidrBlocksArray + def self.parse(value, parent_identifier) + return if value.nil? + return RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks.new(value, parent_identifier) unless value.is_a?(::Array) + value.map { |v| RegionalClusterMasterAuthorizedNetworksConfigCidrBlocks.new(v, parent_identifier) } + end + end + end + end +end diff --git a/libraries/google_bigquery_dataset.rb b/libraries/google_bigquery_dataset.rb index 1d6386fe7..968212a5e 100644 --- a/libraries/google_bigquery_dataset.rb +++ b/libraries/google_bigquery_dataset.rb @@ -40,7 +40,7 @@ class Dataset < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_bigquery_datasets.rb b/libraries/google_bigquery_datasets.rb index 60ae1ed8f..1215bfb14 100644 --- a/libraries/google_bigquery_datasets.rb +++ b/libraries/google_bigquery_datasets.rb @@ -41,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_bigquery_table.rb b/libraries/google_bigquery_table.rb index 48124bcac..f8bbb91f0 100644 --- a/libraries/google_bigquery_table.rb +++ b/libraries/google_bigquery_table.rb @@ -64,7 +64,7 @@ class Table < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_bigquery_tables.rb b/libraries/google_bigquery_tables.rb index 1442960cb..4fe2efbe1 100644 --- a/libraries/google_bigquery_tables.rb +++ b/libraries/google_bigquery_tables.rb @@ -55,7 +55,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_cloudbuild_trigger.rb b/libraries/google_cloudbuild_trigger.rb index 0153cd7ff..553efc230 100644 --- a/libraries/google_cloudbuild_trigger.rb +++ b/libraries/google_cloudbuild_trigger.rb @@ -39,7 +39,7 @@ class Trigger < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_cloudbuild_triggers.rb b/libraries/google_cloudbuild_triggers.rb index 3a66e2c83..3d89f1192 100644 --- a/libraries/google_cloudbuild_triggers.rb +++ b/libraries/google_cloudbuild_triggers.rb @@ -44,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_cloudfunctions_cloud_function.rb b/libraries/google_cloudfunctions_cloud_function.rb index 78a57e2f5..09a4b890c 100644 --- a/libraries/google_cloudfunctions_cloud_function.rb +++ b/libraries/google_cloudfunctions_cloud_function.rb @@ -47,7 +47,7 @@ class CloudFunction < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_cloudfunctions_cloud_functions.rb b/libraries/google_cloudfunctions_cloud_functions.rb index df0928a04..ceb2c8c75 100644 --- a/libraries/google_cloudfunctions_cloud_functions.rb +++ b/libraries/google_cloudfunctions_cloud_functions.rb @@ -52,7 +52,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_autoscaler.rb b/libraries/google_compute_autoscaler.rb index 38c375f1d..c44e2bc8d 100644 --- a/libraries/google_compute_autoscaler.rb +++ b/libraries/google_compute_autoscaler.rb @@ -37,7 +37,7 @@ class Autoscaler < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_autoscalers.rb b/libraries/google_compute_autoscalers.rb index 951e153bf..885f39c6d 100644 --- a/libraries/google_compute_autoscalers.rb +++ b/libraries/google_compute_autoscalers.rb @@ -41,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_backend_bucket.rb b/libraries/google_compute_backend_bucket.rb index 8e58bbc40..f5517e99f 100644 --- a/libraries/google_compute_backend_bucket.rb +++ b/libraries/google_compute_backend_bucket.rb @@ -34,7 +34,7 @@ class BackendBucket < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_backend_buckets.rb b/libraries/google_compute_backend_buckets.rb index 5fa1d5c25..1249c0ab2 100644 --- a/libraries/google_compute_backend_buckets.rb +++ b/libraries/google_compute_backend_buckets.rb @@ -41,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_backend_service.rb b/libraries/google_compute_backend_service.rb index 9f884d9ab..f865dd2f3 100644 --- a/libraries/google_compute_backend_service.rb +++ b/libraries/google_compute_backend_service.rb @@ -49,7 +49,7 @@ class BackendService < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_backend_services.rb b/libraries/google_compute_backend_services.rb index b8f38b3f6..7682ca7ab 100644 --- a/libraries/google_compute_backend_services.rb +++ b/libraries/google_compute_backend_services.rb @@ -52,7 +52,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_disk.rb b/libraries/google_compute_disk.rb index 32c268c48..9f5fafce9 100644 --- a/libraries/google_compute_disk.rb +++ b/libraries/google_compute_disk.rb @@ -50,7 +50,7 @@ class Disk < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_disks.rb b/libraries/google_compute_disks.rb index fb962254b..9d5f5ae2e 100644 --- a/libraries/google_compute_disks.rb +++ b/libraries/google_compute_disks.rb @@ -55,7 +55,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_global_address.rb b/libraries/google_compute_global_address.rb index c8f2a005d..8343eb24c 100644 --- a/libraries/google_compute_global_address.rb +++ b/libraries/google_compute_global_address.rb @@ -37,7 +37,7 @@ class GlobalAddress < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_global_addresses.rb b/libraries/google_compute_global_addresses.rb index 43edbc236..dca8ebb7e 100644 --- a/libraries/google_compute_global_addresses.rb +++ b/libraries/google_compute_global_addresses.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_global_forwarding_rule.rb b/libraries/google_compute_global_forwarding_rule.rb index 44ef3f7ab..4528cecbb 100644 --- a/libraries/google_compute_global_forwarding_rule.rb +++ b/libraries/google_compute_global_forwarding_rule.rb @@ -37,7 +37,7 @@ class GlobalForwardingRule < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_global_forwarding_rules.rb b/libraries/google_compute_global_forwarding_rules.rb index 197107f47..b4d3d5c56 100644 --- a/libraries/google_compute_global_forwarding_rules.rb +++ b/libraries/google_compute_global_forwarding_rules.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_health_check.rb b/libraries/google_compute_health_check.rb index 106e76996..b72cc5962 100644 --- a/libraries/google_compute_health_check.rb +++ b/libraries/google_compute_health_check.rb @@ -43,7 +43,7 @@ class HealthCheck < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_health_checks.rb b/libraries/google_compute_health_checks.rb index f95e5d53c..7e6509402 100644 --- a/libraries/google_compute_health_checks.rb +++ b/libraries/google_compute_health_checks.rb @@ -47,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_http_health_check.rb b/libraries/google_compute_http_health_check.rb index 0eb24f485..f53dae187 100644 --- a/libraries/google_compute_http_health_check.rb +++ b/libraries/google_compute_http_health_check.rb @@ -37,7 +37,7 @@ class HttpHealthCheck < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_http_health_checks.rb b/libraries/google_compute_http_health_checks.rb index 64c5a6c81..888634d9a 100644 --- a/libraries/google_compute_http_health_checks.rb +++ b/libraries/google_compute_http_health_checks.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_https_health_check.rb b/libraries/google_compute_https_health_check.rb index fd8d76bdc..91326145d 100644 --- a/libraries/google_compute_https_health_check.rb +++ b/libraries/google_compute_https_health_check.rb @@ -37,7 +37,7 @@ class HttpsHealthCheck < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_https_health_checks.rb b/libraries/google_compute_https_health_checks.rb index 8576ef71c..5d6ad9c91 100644 --- a/libraries/google_compute_https_health_checks.rb +++ b/libraries/google_compute_https_health_checks.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_instance_group_manager.rb b/libraries/google_compute_instance_group_manager.rb index b1797b919..3eb5cb81f 100644 --- a/libraries/google_compute_instance_group_manager.rb +++ b/libraries/google_compute_instance_group_manager.rb @@ -41,7 +41,7 @@ class InstanceGroupManager < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_instance_group_managers.rb b/libraries/google_compute_instance_group_managers.rb index 0a4bee4e4..f0f407cc1 100644 --- a/libraries/google_compute_instance_group_managers.rb +++ b/libraries/google_compute_instance_group_managers.rb @@ -47,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_instance_template.rb b/libraries/google_compute_instance_template.rb index 8ad45a23d..23da37294 100644 --- a/libraries/google_compute_instance_template.rb +++ b/libraries/google_compute_instance_template.rb @@ -38,7 +38,7 @@ class InstanceTemplate < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_instance_templates.rb b/libraries/google_compute_instance_templates.rb index 53c6cfe26..63156b983 100644 --- a/libraries/google_compute_instance_templates.rb +++ b/libraries/google_compute_instance_templates.rb @@ -39,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_region.rb b/libraries/google_compute_region.rb index 8b2fb8bb8..2f4759bf1 100644 --- a/libraries/google_compute_region.rb +++ b/libraries/google_compute_region.rb @@ -36,7 +36,7 @@ class Region < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_region_backend_service.rb b/libraries/google_compute_region_backend_service.rb index 259815db0..5497e9632 100644 --- a/libraries/google_compute_region_backend_service.rb +++ b/libraries/google_compute_region_backend_service.rb @@ -39,7 +39,7 @@ class RegionBackendService < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_region_backend_services.rb b/libraries/google_compute_region_backend_services.rb index 740e16bda..a38a73ec2 100644 --- a/libraries/google_compute_region_backend_services.rb +++ b/libraries/google_compute_region_backend_services.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_regions.rb b/libraries/google_compute_regions.rb index feceb6469..71fe28b35 100644 --- a/libraries/google_compute_regions.rb +++ b/libraries/google_compute_regions.rb @@ -42,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_route.rb b/libraries/google_compute_route.rb index 0e28ff37e..25d89b426 100644 --- a/libraries/google_compute_route.rb +++ b/libraries/google_compute_route.rb @@ -37,7 +37,7 @@ class Route < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_router.rb b/libraries/google_compute_router.rb index 6f7a2f069..480bd7f81 100644 --- a/libraries/google_compute_router.rb +++ b/libraries/google_compute_router.rb @@ -35,7 +35,7 @@ class Router < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_routers.rb b/libraries/google_compute_routers.rb index 26ce1710b..e88612b54 100644 --- a/libraries/google_compute_routers.rb +++ b/libraries/google_compute_routers.rb @@ -41,7 +41,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_routes.rb b/libraries/google_compute_routes.rb index 34446a7d4..22f18c6bb 100644 --- a/libraries/google_compute_routes.rb +++ b/libraries/google_compute_routes.rb @@ -45,7 +45,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_snapshot.rb b/libraries/google_compute_snapshot.rb index 4244fb18a..2ae95d3d0 100644 --- a/libraries/google_compute_snapshot.rb +++ b/libraries/google_compute_snapshot.rb @@ -41,7 +41,7 @@ class Snapshot < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_snapshots.rb b/libraries/google_compute_snapshots.rb index 907dd4345..4e2892bca 100644 --- a/libraries/google_compute_snapshots.rb +++ b/libraries/google_compute_snapshots.rb @@ -47,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_ssl_certificate.rb b/libraries/google_compute_ssl_certificate.rb index 1fe030795..ce29978d8 100644 --- a/libraries/google_compute_ssl_certificate.rb +++ b/libraries/google_compute_ssl_certificate.rb @@ -32,7 +32,7 @@ class SslCertificate < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_ssl_certificates.rb b/libraries/google_compute_ssl_certificates.rb index ba3d09b9c..275fea69d 100644 --- a/libraries/google_compute_ssl_certificates.rb +++ b/libraries/google_compute_ssl_certificates.rb @@ -40,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_ssl_policies.rb b/libraries/google_compute_ssl_policies.rb index 85a02d748..8e5c79aa8 100644 --- a/libraries/google_compute_ssl_policies.rb +++ b/libraries/google_compute_ssl_policies.rb @@ -44,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_ssl_policy.rb b/libraries/google_compute_ssl_policy.rb index 59febb9f7..afddeaeac 100644 --- a/libraries/google_compute_ssl_policy.rb +++ b/libraries/google_compute_ssl_policy.rb @@ -37,7 +37,7 @@ class SslPolicy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_subnetwork_iam_policy.rb b/libraries/google_compute_subnetwork_iam_policy.rb index cfdaf8443..f5c70fe93 100644 --- a/libraries/google_compute_subnetwork_iam_policy.rb +++ b/libraries/google_compute_subnetwork_iam_policy.rb @@ -30,7 +30,7 @@ class SubnetworkIamPolicy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_target_http_proxies.rb b/libraries/google_compute_target_http_proxies.rb index 4e10faf98..3663c1780 100644 --- a/libraries/google_compute_target_http_proxies.rb +++ b/libraries/google_compute_target_http_proxies.rb @@ -39,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_target_http_proxy.rb b/libraries/google_compute_target_http_proxy.rb index eacc4dd74..9eb7206a4 100644 --- a/libraries/google_compute_target_http_proxy.rb +++ b/libraries/google_compute_target_http_proxy.rb @@ -31,7 +31,7 @@ class TargetHttpProxy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_target_https_proxies.rb b/libraries/google_compute_target_https_proxies.rb index beb420b38..b3d4394a8 100644 --- a/libraries/google_compute_target_https_proxies.rb +++ b/libraries/google_compute_target_https_proxies.rb @@ -42,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_target_https_proxy.rb b/libraries/google_compute_target_https_proxy.rb index 59b497734..6c450e84a 100644 --- a/libraries/google_compute_target_https_proxy.rb +++ b/libraries/google_compute_target_https_proxy.rb @@ -34,7 +34,7 @@ class TargetHttpsProxy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_target_pool.rb b/libraries/google_compute_target_pool.rb index 3b8ebb509..f84b061b4 100644 --- a/libraries/google_compute_target_pool.rb +++ b/libraries/google_compute_target_pool.rb @@ -36,7 +36,7 @@ class TargetPool < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_target_pools.rb b/libraries/google_compute_target_pools.rb index f0bef0ba0..e92d20149 100644 --- a/libraries/google_compute_target_pools.rb +++ b/libraries/google_compute_target_pools.rb @@ -44,7 +44,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_target_tcp_proxies.rb b/libraries/google_compute_target_tcp_proxies.rb index a07c8108b..3d2fd64d9 100644 --- a/libraries/google_compute_target_tcp_proxies.rb +++ b/libraries/google_compute_target_tcp_proxies.rb @@ -40,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_compute_target_tcp_proxy.rb b/libraries/google_compute_target_tcp_proxy.rb index c0049ec9b..aa9fcb749 100644 --- a/libraries/google_compute_target_tcp_proxy.rb +++ b/libraries/google_compute_target_tcp_proxy.rb @@ -32,7 +32,7 @@ class TargetTcpProxy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_url_map.rb b/libraries/google_compute_url_map.rb index 79ace5f17..83b0374a8 100644 --- a/libraries/google_compute_url_map.rb +++ b/libraries/google_compute_url_map.rb @@ -38,7 +38,7 @@ class UrlMap < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_compute_url_maps.rb b/libraries/google_compute_url_maps.rb index 407362fab..04965071c 100644 --- a/libraries/google_compute_url_maps.rb +++ b/libraries/google_compute_url_maps.rb @@ -43,7 +43,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_container_regional_cluster.rb b/libraries/google_container_regional_cluster.rb index 06ab4001f..97eba5dc9 100644 --- a/libraries/google_container_regional_cluster.rb +++ b/libraries/google_container_regional_cluster.rb @@ -17,6 +17,7 @@ require 'google/container/property/regionalcluster_addons_config' require 'google/container/property/regionalcluster_addons_config_horizontal_pod_autoscaling' require 'google/container/property/regionalcluster_addons_config_http_load_balancing' +require 'google/container/property/regionalcluster_addons_config_kubernetes_dashboard' require 'google/container/property/regionalcluster_addons_config_network_policy_config' require 'google/container/property/regionalcluster_conditions' require 'google/container/property/regionalcluster_default_max_pods_constraint' @@ -24,6 +25,8 @@ require 'google/container/property/regionalcluster_legacy_abac' require 'google/container/property/regionalcluster_master_auth' require 'google/container/property/regionalcluster_master_auth_client_certificate_config' +require 'google/container/property/regionalcluster_master_authorized_networks_config' +require 'google/container/property/regionalcluster_master_authorized_networks_config_cidr_blocks' require 'google/container/property/regionalcluster_network_policy' require 'google/container/property/regionalcluster_node_config' require 'google/container/property/regionalcluster_node_config_accelerators' @@ -70,12 +73,13 @@ class RegionalCluster < GcpResourceBase attr_reader :enable_tpu attr_reader :tpu_ipv4_cidr_block attr_reader :conditions + attr_reader :master_authorized_networks_config attr_reader :location def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end @@ -113,6 +117,7 @@ def parse @enable_tpu = @fetched['enableTpu'] @tpu_ipv4_cidr_block = @fetched['tpuIpv4CidrBlock'] @conditions = GoogleInSpec::Container::Property::RegionalClusterConditionsArray.parse(@fetched['conditions'], to_s) + @master_authorized_networks_config = GoogleInSpec::Container::Property::RegionalClusterMasterAuthorizedNetworksConfig.new(@fetched['masterAuthorizedNetworksConfig'], to_s) @location = @fetched['location'] end diff --git a/libraries/google_container_regional_clusters.rb b/libraries/google_container_regional_clusters.rb index c42f0ec1f..69a162879 100644 --- a/libraries/google_container_regional_clusters.rb +++ b/libraries/google_container_regional_clusters.rb @@ -56,6 +56,7 @@ class RegionalClusters < GcpResourceBase filter_table_config.add(:enable_tpus, field: :enable_tpu) filter_table_config.add(:tpu_ipv4_cidr_blocks, field: :tpu_ipv4_cidr_block) filter_table_config.add(:conditions, field: :conditions) + filter_table_config.add(:master_authorized_networks_configs, field: :master_authorized_networks_config) filter_table_config.add(:locations, field: :location) filter_table_config.connect(self, :table) @@ -68,7 +69,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs @@ -129,6 +130,7 @@ def transformers 'enableTpu' => ->(obj) { return :enable_tpu, obj['enableTpu'] }, 'tpuIpv4CidrBlock' => ->(obj) { return :tpu_ipv4_cidr_block, obj['tpuIpv4CidrBlock'] }, 'conditions' => ->(obj) { return :conditions, GoogleInSpec::Container::Property::RegionalClusterConditionsArray.parse(obj['conditions'], to_s) }, + 'masterAuthorizedNetworksConfig' => ->(obj) { return :master_authorized_networks_config, GoogleInSpec::Container::Property::RegionalClusterMasterAuthorizedNetworksConfig.new(obj['masterAuthorizedNetworksConfig'], to_s) }, 'location' => ->(obj) { return :location, obj['location'] }, } end diff --git a/libraries/google_container_regional_node_pool.rb b/libraries/google_container_regional_node_pool.rb index 18efe534a..ee6815c15 100644 --- a/libraries/google_container_regional_node_pool.rb +++ b/libraries/google_container_regional_node_pool.rb @@ -47,7 +47,7 @@ class RegionalNodePool < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_container_regional_node_pools.rb b/libraries/google_container_regional_node_pools.rb index bc5108f0c..740a3f95f 100644 --- a/libraries/google_container_regional_node_pools.rb +++ b/libraries/google_container_regional_node_pools.rb @@ -47,7 +47,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_dns_resource_record_set.rb b/libraries/google_dns_resource_record_set.rb index 93a26067c..c4532a568 100644 --- a/libraries/google_dns_resource_record_set.rb +++ b/libraries/google_dns_resource_record_set.rb @@ -31,7 +31,7 @@ class ResourceRecordSet < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - fetched = @connection.fetch(product_url, resource_base_url, params) + fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') @fetched = unwrap(fetched, params) parse unless @fetched.nil? end diff --git a/libraries/google_dns_resource_record_sets.rb b/libraries/google_dns_resource_record_sets.rb index ce288e71b..31bf32133 100644 --- a/libraries/google_dns_resource_record_sets.rb +++ b/libraries/google_dns_resource_record_sets.rb @@ -39,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_logging_organization_log_sink.rb b/libraries/google_logging_organization_log_sink.rb index 4066a904a..ac4632e79 100644 --- a/libraries/google_logging_organization_log_sink.rb +++ b/libraries/google_logging_organization_log_sink.rb @@ -32,7 +32,7 @@ class OrganizationLogSink < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_logging_organization_log_sinks.rb b/libraries/google_logging_organization_log_sinks.rb index 8d0a07538..28a5d7207 100644 --- a/libraries/google_logging_organization_log_sinks.rb +++ b/libraries/google_logging_organization_log_sinks.rb @@ -40,7 +40,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_pubsub_subscription.rb b/libraries/google_pubsub_subscription.rb index 6975ba247..2fadd60b5 100644 --- a/libraries/google_pubsub_subscription.rb +++ b/libraries/google_pubsub_subscription.rb @@ -36,7 +36,7 @@ class Subscription < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_pubsub_subscription_iam_policy.rb b/libraries/google_pubsub_subscription_iam_policy.rb index 0b69b262a..73467b1cf 100644 --- a/libraries/google_pubsub_subscription_iam_policy.rb +++ b/libraries/google_pubsub_subscription_iam_policy.rb @@ -30,7 +30,7 @@ class SubscriptionIamPolicy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_pubsub_subscriptions.rb b/libraries/google_pubsub_subscriptions.rb index a07e976dd..818cad157 100644 --- a/libraries/google_pubsub_subscriptions.rb +++ b/libraries/google_pubsub_subscriptions.rb @@ -42,7 +42,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_pubsub_topic.rb b/libraries/google_pubsub_topic.rb index 26e9ed488..1e82242de 100644 --- a/libraries/google_pubsub_topic.rb +++ b/libraries/google_pubsub_topic.rb @@ -31,7 +31,7 @@ class Topic < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_pubsub_topic_iam_policy.rb b/libraries/google_pubsub_topic_iam_policy.rb index 14571848f..cbc14d1d1 100644 --- a/libraries/google_pubsub_topic_iam_policy.rb +++ b/libraries/google_pubsub_topic_iam_policy.rb @@ -30,7 +30,7 @@ class TopicIamPolicy < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_pubsub_topics.rb b/libraries/google_pubsub_topics.rb index de9c9b45a..8d39d4c77 100644 --- a/libraries/google_pubsub_topics.rb +++ b/libraries/google_pubsub_topics.rb @@ -38,7 +38,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_resourcemanager_folder.rb b/libraries/google_resourcemanager_folder.rb index e206d2cb9..7e9770858 100644 --- a/libraries/google_resourcemanager_folder.rb +++ b/libraries/google_resourcemanager_folder.rb @@ -31,7 +31,7 @@ class Folder < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/libraries/google_resourcemanager_folders.rb b/libraries/google_resourcemanager_folders.rb index 9e46d9bcb..6ee2583f5 100644 --- a/libraries/google_resourcemanager_folders.rb +++ b/libraries/google_resourcemanager_folders.rb @@ -39,7 +39,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_resourcemanager_project_iam_policy.rb b/libraries/google_resourcemanager_project_iam_policy.rb new file mode 100644 index 000000000..5001739d6 --- /dev/null +++ b/libraries/google_resourcemanager_project_iam_policy.rb @@ -0,0 +1,59 @@ +# frozen_string_literal: false + +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** AUTO GENERATED CODE *** +# +# ---------------------------------------------------------------------------- +# +# This file is automatically generated by Magic Modules and manual +# changes will be clobbered when the file is regenerated. +# +# Please read more about how to change this file in README.md and +# CONTRIBUTING.md located at the root of this package. +# +# ---------------------------------------------------------------------------- +require 'gcp_backend' +require 'google/iam/property/iam_policy_audit_configs' +require 'google/iam/property/iam_policy_bindings' + +# A provider to manage Resource Manager IAM Policy resources. +class ProjectIamPolicy < GcpResourceBase + name 'google_resourcemanager_project_iam_policy' + desc 'Project Iam Policy' + supports platform: 'gcp' + + attr_reader :params + attr_reader :bindings + attr_reader :audit_configs + + def initialize(params) + super(params.merge({ use_http_transport: true })) + @params = params + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Post') + parse unless @fetched.nil? + end + + def parse + @bindings = GoogleInSpec::Iam::Property::IamPolicyBindingsArray.parse(@fetched['bindings'], to_s) + @audit_configs = GoogleInSpec::Iam::Property::IamPolicyAuditConfigsArray.parse(@fetched['auditConfigs'], to_s) + end + + def exists? + !@fetched.nil? + end + + def to_s + "Project IamPolicy #{@params[:project_id]}" + end + + private + + def product_url + 'https://cloudresourcemanager.googleapis.com/v1/' + end + + def resource_base_url + 'projects/{{project_id}}:getIamPolicy' + end +end diff --git a/libraries/google_sourcerepo_repositories.rb b/libraries/google_sourcerepo_repositories.rb index 20cd31324..5d0e96e1d 100644 --- a/libraries/google_sourcerepo_repositories.rb +++ b/libraries/google_sourcerepo_repositories.rb @@ -37,7 +37,7 @@ def initialize(params = {}) def fetch_wrapped_resource(wrap_path) # fetch_resource returns an array of responses (to handle pagination) - result = @connection.fetch_all(product_url, resource_base_url, @params) + result = @connection.fetch_all(product_url, resource_base_url, @params, 'Get') return if result.nil? # Conversion of string -> object hash to symbol -> object hash that InSpec needs diff --git a/libraries/google_sourcerepo_repository.rb b/libraries/google_sourcerepo_repository.rb index a5b6740a2..8f11c1875 100644 --- a/libraries/google_sourcerepo_repository.rb +++ b/libraries/google_sourcerepo_repository.rb @@ -29,7 +29,7 @@ class Repository < GcpResourceBase def initialize(params) super(params.merge({ use_http_transport: true })) @params = params - @fetched = @connection.fetch(product_url, resource_base_url, params) + @fetched = @connection.fetch(product_url, resource_base_url, params, 'Get') parse unless @fetched.nil? end diff --git a/test/integration/build/gcp.tf b/test/integration/build/gcp.tf index c7bffae92..efc4e2b74 100644 --- a/test/integration/build/gcp.tf +++ b/test/integration/build/gcp.tf @@ -99,7 +99,7 @@ variable "gcp_enable_privileged_resources" {} provider "google" { region = "${var.gcp_location}" - version = "~> 2.13.0" + version = "~> 2.14.0" } resource "google_service_account" "generic_service_account_object_viewer" { @@ -337,10 +337,10 @@ resource "google_compute_region_instance_group_manager" "appserver" { resource "google_container_cluster" "primary" { project = "${var.gcp_project_id}" name = "${var.gcp_kube_cluster_name}" - zone = "${var.gcp_kube_cluster_zone}" + location = "${var.gcp_kube_cluster_zone}" initial_node_count = "${var.gcp_kube_cluster_size}" - additional_zones = [ + node_locations = [ "${var.gcp_kube_cluster_zone_extra1}", "${var.gcp_kube_cluster_zone_extra2}", ] diff --git a/test/integration/configuration/gcp_inspec_config.rb b/test/integration/configuration/gcp_inspec_config.rb index b61d781d6..cca8eddb0 100644 --- a/test/integration/configuration/gcp_inspec_config.rb +++ b/test/integration/configuration/gcp_inspec_config.rb @@ -24,8 +24,6 @@ def self.add_random_string(length = 25) # Determine the storage account name and the admin password :gcp_location => "europe-west2", :gcp_zone => "europe-west2-a", - :gcp_zone_id => "2290", - :gcp_region_id => "1290", # Cloud functions are only available in certain regions :gcp_cloud_function_region => "us-central1", :gcp_int_vm_name => "gcp-inspec-int-linux-vm", @@ -77,7 +75,6 @@ def self.add_random_string(length = 25) :gcp_kube_cluster_master_user => "gcp-inspec-kube-admin", :gcp_kube_cluster_master_pass => (("a".."z").to_a + ("A".."Z").to_a + ("0".."9").to_a + %w{! @ # $ % & / ( ) + ? *}).sample(20).join, :gcp_kube_nodepool_name => "default-pool", - :gcp_inspec_user_email => "user:chef@example.com", :gcp_kms_key_ring_policy_name => "gcp-inspec-kms-key-ring-#{add_random_string}", :gcp_kms_key_ring_binding_member_name => "gcp-inspec-kms-key-ring-#{add_random_string}", :gcp_kms_crypto_key_name_policy => "gcp-inspec-kms-crypto-key-policy-#{add_random_string}", diff --git a/test/integration/verify/controls/google_compute_region.rb b/test/integration/verify/controls/google_compute_region.rb index a438352aa..eaaf8fb22 100644 --- a/test/integration/verify/controls/google_compute_region.rb +++ b/test/integration/verify/controls/google_compute_region.rb @@ -16,7 +16,6 @@ gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') gcp_location = attribute(:gcp_location, default: 'gcp_location', description: 'The GCP project region.') -gcp_region_id = attribute(:gcp_region_id, default: 'gcp_region_id', description: 'A sample GCP region identifier to test for.') control 'google_compute_region-1.0' do impact 1.0 title 'google_compute_region resource test' diff --git a/test/integration/verify/controls/google_compute_regions.rb b/test/integration/verify/controls/google_compute_regions.rb index bcd584d9e..129f3fe84 100644 --- a/test/integration/verify/controls/google_compute_regions.rb +++ b/test/integration/verify/controls/google_compute_regions.rb @@ -16,7 +16,6 @@ gcp_project_id = attribute(:gcp_project_id, default: 'gcp_project_id', description: 'The GCP project identifier.') gcp_location = attribute(:gcp_location, default: 'gcp_location', description: 'The GCP project region.') -gcp_region_id = attribute(:gcp_region_id, default: 'gcp_region_id', description: 'A sample GCP region identifier to test for.') control 'google_compute_regions-1.0' do impact 1.0 title 'google_compute_regions resource test' @@ -25,6 +24,6 @@ its('count') { should be >= 1 } its('region_names') { should include "#{gcp_location}" } its('region_statuses') { should_not include "DOWN" } - its('region_ids') { should include gcp_region_id } + its('region_ids') { should include "1290" } end end diff --git a/test/integration/verify/controls/google_compute_zones.rb b/test/integration/verify/controls/google_compute_zones.rb index e1f357054..b6f06d34d 100644 --- a/test/integration/verify/controls/google_compute_zones.rb +++ b/test/integration/verify/controls/google_compute_zones.rb @@ -2,7 +2,6 @@ gcp_project_id = attribute(:gcp_project_id, default: '', description: 'The GCP project identifier.') gcp_zone = attribute(:gcp_zone, default: '', description: 'The GCP zone being used.') -gcp_zone_id = attribute(:gcp_zone_id, default: '', description: 'A sample zone identifier to test for.') control 'gcp-zones-1.0' do @@ -14,7 +13,7 @@ its('count') { should be <= 100} # 46 at the time of writing its('zone_names') { should include gcp_zone } its('zone_statuses') { should_not include "DOWN" } - its('zone_ids') { should include gcp_zone_id.to_i } + its('zone_ids') { should include 2290 } end end \ No newline at end of file