Terraform missing rules compared to ARM and vice versa #194

Merged
merged 34 commits into from
Aug 21, 2021

rezoan
Contributor

@rezoan rezoan commented Aug 13, 2021

  • Added PR-AZR-0090-TRF in activitylogalerts.rego
  • Updated PR-AZR-0090-ARM in activitylogalerts.rego
  • Added PR-AZR-0125-TRF in applicationgateways.rego
  • ARM rules at blobservices.rego cannot be replicated for Terraform, as Terraform can only change soft delete retention days; it cannot change the soft delete enable/disable property. Added a side note in ARM rules for future reference.
  • Added PR-AZR-0105-TRF in databaseaccounts.rego
  • Cannot replicate PR-AZR-0086-ARM for Terraform under dbadministrators.rego. The SQL Managed Instance resource is still not available for Terraform. See: Managed SQL database instance (hashicorp/terraform-provider-azurerm#1747).
    Added a side note to the ARM rules regarding that.
  • Cannot replicate PR-AZR-0084-ARM in dbdataencryption.rego because transparent_data_encryption is enabled by default in SQL DB, and that's why Terraform does not have such a resource available for SQL DB, but it is available for SQL Server. See: Support for Enable Transparent Data Encryption on SQL Database (hashicorp/terraform-provider-azurerm#7187).
  • Added PR-AZR-0097-ARM to dbsecurityalertpolicy.rego
  • Added PR-AZR-0068-TRF to disks.rego
  • Added PR-AZR-0107-TRF, PR-AZR-0108-TRF, PR-AZR-0109-TRF in KeyVault.rego
  • Updated PR-AZR-0107-ARM, PR-AZR-0108-ARM, PR-AZR-0109-ARM in KeyVault.rego
  • Added PR-AZR-0130-TRF in keyvalutkeys.rego
  • Added PR-AZR-0049-TRF, PR-AZR-0050-TRF, PR-AZR-0051-TRF in networkwatchersflowlogs.rego
  • Fixed policy title and error message in ARM networkwatchersflowlogs.rego
  • Added PR-AZR-0115-TRF and PR-AZR-0124-TRF in postgreSQL.rego
  • Added PR-AZR-0131-TRF and PR-AZR-0132-TRF in Redis.rego
  • Added PR-AZR-0104-TRF in registries.rego
  • Added PR-AZR-0129-TRF in sql_alert_policy.rego
  • Added PR-AZR-0140-TRF and PR-AZR-0111-TRF in sql_servers_encryption.rego
  • Added PR-AZR-0128-TRF and PR-AZR-0133-TRF in sql_servers.rego
  • Added PR-AZR-0094-TRF, PR-AZR-0114-TRF, PR-AZR-0122-TRF under storageaccounts.rego
  • Added PR-AZR-0065-TRF under vm.rego
  • Added PR-AZR-0064-TRF under vmextensions.rego
  • Added PR-AZR-0075-TRF under vnetpeering.rego
  • Added PR-AZR-0098-TRF under vpngateways.rego
  • Added PR-AZR-0052-TRF under locks.rego

@rezoan rezoan requested a review from farchide August 13, 2021 10:58
@rezoan rezoan changed the title from "Terraform missing rules compared to ARM" to "Terraform missing rules compared to ARM and vice versa" Aug 14, 2021
@rezoan rezoan requested a review from farchide August 21, 2021 04:58
Review thread on azure/iac/Redis.rego (resolved)
@rezoan rezoan merged commit 8675c8c into master Aug 21, 2021