From 45576c46ebc95dda33db73ca2612830b46dbb078 Mon Sep 17 00:00:00 2001 From: ParthaI Date: Mon, 27 May 2024 11:31:04 +0530 Subject: [PATCH] Fixed the table azure_role_assignment for populating the column value correctly Closes #759 --- azure/table_azure_role_assignment.go | 74 +++++++++++++++++----------- go.mod | 1 + go.sum | 2 + 3 files changed, 49 insertions(+), 28 deletions(-) diff --git a/azure/table_azure_role_assignment.go b/azure/table_azure_role_assignment.go index fea70dd3..f51459ea 100644 --- a/azure/table_azure_role_assignment.go +++ b/azure/table_azure_role_assignment.go @@ -4,7 +4,7 @@ import ( "context" "fmt" - "github.com/Azure/azure-sdk-for-go/profiles/latest/authorization/mgmt/authorization" + "github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2" "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" @@ -50,7 +50,7 @@ func tableAzureIamRoleAssignment(_ context.Context) *plugin.Table { Name: "scope", Description: "Current state of the role assignment.", Type: proto.ColumnType_STRING, - Transform: transform.FromField("RoleAssignmentPropertiesWithScope.Scope"), + Transform: transform.FromField("Properties.Scope"), }, { Name: "type", 
@@ -61,19 +61,31 @@ func tableAzureIamRoleAssignment(_ context.Context) *plugin.Table { Name: "principal_id", Description: "Contains the principal id.", Type: proto.ColumnType_STRING, - Transform: transform.FromField("RoleAssignmentPropertiesWithScope.PrincipalID"), + Transform: transform.FromField("Properties.PrincipalID"), }, { Name: "principal_type", Description: "Principal type of the assigned principal ID.", Type: proto.ColumnType_STRING, - Transform: transform.FromField("RoleAssignmentPropertiesWithScope.PrincipalType").Transform(transform.ToString), + Transform: transform.FromField("Properties.PrincipalType"), + }, + { + Name: "created_on", + Description: "Time it was created.", + Type: proto.ColumnType_TIMESTAMP, + Transform: transform.FromField("Properties.CreatedOn"), + }, + { + Name: "updated_on", + Description: "Time it was updated.", + Type: proto.ColumnType_TIMESTAMP, + Transform: transform.FromField("Properties.UpdatedOn"), }, { Name: "role_definition_id", Description: "Name of the assigned role definition.", Type: proto.ColumnType_STRING, - Transform: transform.FromField("RoleAssignmentPropertiesWithScope.RoleDefinitionID"), + Transform: transform.FromField("Properties.RoleDefinitionID"), }, { Name: "title", 
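Review bot: The new `created_on` and `updated_on` columns have descriptions that do not say what was created or updated; `Description: "Time the role assignment was created."` and `Description: "Time the role assignment was last updated."` would read better in the generated table docs. The v2 `RoleAssignmentProperties` struct also exposes `CreatedBy`, `UpdatedBy` and `Condition`, which an access review usually needs alongside the timestamps, so they may be worth adding as columns in the same change. This hunk also drops `.Transform(transform.ToString)` from `principal_type`; the STRING column conversion presumably handles the v2 pointer-to-enum value, but a query should confirm it still renders values such as `User` or `ServicePrincipal`. The column list belongs to `tableAzureIamRoleAssignment`, which starts and ends outside this hunk.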
@@ -94,39 +106,41 @@ func tableAzureIamRoleAssignment(_ context.Context) *plugin.Table { //// LIST FUNCTION func listIamRoleAssignments(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { - session, err := GetNewSession(ctx, d, "MANAGEMENT") + session, err := GetNewSessionUpdated(ctx, d) if err != nil { + plugin.Logger(ctx).Error("azure_role_assignment.listIamRoleAssignments", "session_error", err) + return nil, err + } + // subscriptionID := session.SubscriptionID + + authorizationClient, err := armauthorization.NewRoleAssignmentsClient(session.SubscriptionID, session.Cred, session.ClientOptions) + if err != nil { + plugin.Logger(ctx).Error("azure_role_assignment.listIamRoleAssignments", "client_error", err) return nil, err } - subscriptionID := session.SubscriptionID - authorizationClient := authorization.NewRoleAssignmentsClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) - authorizationClient.Authorizer = session.Authorizer + option := &armauthorization.RoleAssignmentsClientListForSubscriptionOptions{ + TenantID: &session.TenantID, + } var filter string if d.EqualsQuals["principal_id"] != nil { filter = fmt.Sprintf("principalId eq '%s'", d.EqualsQuals["principal_id"].GetStringValue()) } - result, err := authorizationClient.List(ctx, filter) - if err != nil { - return nil, err - } - for _, roleAssignment := range result.Values() { - d.StreamListItem(ctx, roleAssignment) - // Check if context has been cancelled or if the limit has been hit (if specified) - // if there is a limit, it will return the number of rows required to reach this limit - if d.RowsRemaining(ctx) == 0 { - return nil, nil - } + if filter != "" { + option.Filter = &filter } - for result.NotDone() { - err = result.NextWithContext(ctx) + result := authorizationClient.NewListForSubscriptionPager(option) + + for result.More() { + res, err := result.NextPage(ctx) if err != nil { + 
plugin.Logger(ctx).Error("azure_role_assignment.listIamRoleAssignments", "api_error", err) return nil, err } - for _, roleAssignment := range result.Values() { + for _, roleAssignment := range res.Value { d.StreamListItem(ctx, roleAssignment) // Check if context has been cancelled or if the limit has been hit (if specified) // if there is a limit, it will return the number of rows required to reach this limit @@ -142,20 +156,24 @@ func listIamRoleAssignments(ctx context.Context, d *plugin.QueryData, _ *plugin. //// HYDRATE FUNCTIONS func getIamRoleAssignment(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) { - plugin.Logger(ctx).Trace("getIamRoleAssignment") - session, err := GetNewSession(ctx, d, "MANAGEMENT") + session, err := GetNewSessionUpdated(ctx, d) if err != nil { + plugin.Logger(ctx).Error("azure_role_assignment.getIamRoleAssignment", "session_error", err) return nil, err } subscriptionID := session.SubscriptionID roleAssignmentID := d.EqualsQuals["id"].GetStringValue() - authorizationClient := authorization.NewRoleAssignmentsClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) - authorizationClient.Authorizer = session.Authorizer + authorizationClient, err := armauthorization.NewRoleAssignmentsClient(subscriptionID, session.Cred, session.ClientOptions) + if err != nil { + plugin.Logger(ctx).Error("azure_role_assignment.getIamRoleAssignment", "client_error", err) + return nil, err + } - op, err := authorizationClient.GetByID(ctx, roleAssignmentID) + op, err := authorizationClient.GetByID(ctx, roleAssignmentID, nil) if err != nil { + plugin.Logger(ctx).Error("azure_role_assignment.getIamRoleAssignment", "api_error", err) return nil, err } diff --git a/go.mod b/go.mod index d125d4c1..9c217f2f 100644 --- a/go.mod +++ b/go.mod 
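Review bot: In `listIamRoleAssignments` the `principal_id` qual is still interpolated into the OData filter with `fmt.Sprintf("principalId eq '%s'", ...)`, so a value containing a single quote changes the filter expression sent to the API instead of being matched literally. Principal ids are GUIDs, so the value can be validated before the filter is built, or at minimum have its quotes doubled, e.g. `strings.ReplaceAll(v, "'", "''")`. The new `TenantID: &session.TenantID` is set unconditionally; if the session can carry an empty tenant, this presumably sends an empty `tenantId` parameter, so it is safer to set it only when non-empty. The commented-out `// subscriptionID := session.SubscriptionID` line should be deleted rather than kept. The end of the function is outside this hunk.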
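Review bot: In `getIamRoleAssignment`, `roleAssignmentID` comes straight from the `id` qual and is passed to `GetByID` unchecked; an empty value should short-circuit with `if roleAssignmentID == "" { return nil, nil }` before the client is built. As far as I know, the v2 client substitutes this argument into the request path as a full resource id, so it is also worth rejecting values that do not have the shape of a role-assignment id. `op` is now a response wrapper rather than the assignment itself, and the return statement is outside this hunk. Please confirm it returns `op.RoleAssignment`, or a value with the same `Properties` shape that the list function streams, so the `Properties.*` transforms resolve on the get path too.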
@@ -9,6 +9,7 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.5.2 github.com/Azure/azure-sdk-for-go/sdk/data/aztables v1.2.0 + github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2 v2.2.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.8.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/recoveryservices/armrecoveryservicesbackup/v3 v3.0.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/sql/armsql v1.2.0 diff --git a/go.sum b/go.sum index 4d930193..eb1ea958 100644 --- a/go.sum +++ b/go.sum @@ -199,6 +199,8 @@ github.com/Azure/azure-sdk-for-go/sdk/data/aztables v1.2.0 h1:aJG+Jxd9/rrLwf8R1K github.com/Azure/azure-sdk-for-go/sdk/data/aztables v1.2.0/go.mod h1:41ONblJrPxDcnVr+voS+3xXWy/KnZLh+7zY5s6woAlQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2 h1:LqbJ/WzJUwBf8UiaSzgX7aMclParm9/5Vgp+TY51uBQ= github.com/Azure/azure-sdk-for-go/sdk/internal v1.5.2/go.mod h1:yInRyqWXAuaPrgI7p70+lDDgh3mlBohis29jGMISnmc= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2 v2.2.0 h1:Hp+EScFOu9HeCbeW8WU2yQPJd4gGwhMgKxWe+G6jNzw= +github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/authorization/armauthorization/v2 v2.2.0/go.mod h1:/pz8dyNQe+Ey3yBp/XuYz7oqX8YDNWVpPB0hH3XWfbc= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.8.0 h1:0nGmzwBv5ougvzfGPCO2ljFRHvun57KpNrVCMrlk0ns= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/containerservice/armcontainerservice/v4 v4.8.0/go.mod h1:gYq8wyDgv6JLhGbAU6gg8amCPgQWRE+aCvrV2gyzdfs= github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/internal/v2 v2.0.0 h1:PTFGRSlMKCQelWwxUyYVEUqseBJVemLyqWJjvMyt0do=