Add table azure_security_center_auto_provisioning. Closes #116 #117

Merged
merged 12 commits into from
May 13, 2021
@@ -0,0 +1,7 @@
[
{
"id": "{{ output.resource_id.value }}",
"name": "{{ output.resource_name.value }}",
"type": "Microsoft.Security/autoProvisioningSettings"
}
]
@@ -0,0 +1,3 @@
select name, id, type
from azure.azure_security_center_auto_provisioning
where name = '{{ output.resource_name.value }}';
@@ -0,0 +1,6 @@
[
{
"id": "{{ output.resource_id.value }}",
"name": "{{ output.resource_name.value }}"
}
]
@@ -0,0 +1,3 @@
select id, name
from azure.azure_security_center_auto_provisioning
where id = '{{ output.resource_id.value }}'
@@ -0,0 +1 @@
null
@@ -0,0 +1,3 @@
select name, akas, title
from azure.azure_security_center_auto_provisioning
where name = 'dummy-{{ output.resource_name.value }}';
@@ -0,0 +1,10 @@
[
{
"akas": [
"{{ output.resource_aka.value }}",
"{{ output.resource_aka_lower.value }}"
],
"name": "{{ output.resource_name.value }}",
"title": "{{ output.resource_name.value }}"
}
]
@@ -0,0 +1,3 @@
select name, akas, title
from azure.azure_security_center_auto_provisioning
where name = '{{ output.resource_name.value }}';
@@ -0,0 +1 @@
{}
@@ -0,0 +1,57 @@

variable "resource_name" {
type = string
default = "turbot-test-20200125-create-update"
description = "Name of the resource used throughout the test."
}

variable "azure_environment" {
type = string
default = "public"
description = "Azure environment used for the test."
}

variable "azure_subscription" {
type = string
description = "Azure subscription used for the test."
}

provider "azurerm" {
# Cannot be passed as a variable
version = "=2.43.0"
features {}
environment = var.azure_environment
subscription_id = var.azure_subscription
}

data "azurerm_client_config" "current" {}

data "null_data_source" "resource" {
inputs = {
scope = "azure:///subscriptions/${data.azurerm_client_config.current.subscription_id}"
}
}

resource "azurerm_security_center_auto_provisioning" "named_test_resource" {
auto_provision = "On"
}

output "resource_aka" {
value = "azure://${azurerm_security_center_auto_provisioning.named_test_resource.id}"
}

output "resource_aka_lower" {
value = "azure://${lower(azurerm_security_center_auto_provisioning.named_test_resource.id)}"
}

output "resource_id" {
value = azurerm_security_center_auto_provisioning.named_test_resource.id
}

output "resource_name" {
value = element(split("/", azurerm_security_center_auto_provisioning.named_test_resource.id), 6)
}

output "subscription_id" {
value = var.azure_subscription
}
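Review bot: The `azurerm_security_center_auto_provisioning` resource with `auto_provision = "On"` changes a subscription-wide security setting on whatever subscription `var.azure_subscription` names, rather than creating an isolated, disposable resource. The provider presumably cannot delete this setting on teardown and can only write a value back, so the subscription's prior state is not guaranteed to be restored after the test. I would add a comment above the resource such as `# Subscription-wide setting: run only against a dedicated test subscription; teardown does not restore the previous value.` Separately, `variable "resource_name"` and `data "null_data_source" "resource"` are not referenced by any resource or output in this file and could be dropped.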
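--- a/azure/plugin.go
+++ b/azure/plugin.go
@@ -22,57 +22,58 @@ func Plugin(ctx context.Context) *plugin.Plugin {
 Schema: ConfigSchema,
 },
 TableMap: map[string]*plugin.Table{
-"azure_ad_group": tableAzureAdGroup(ctx),
-"azure_ad_service_principal": tableAzureAdServicePrincipal(ctx),
-"azure_ad_user": tableAzureAdUser(ctx),
-"azure_api_management": tableAzureAPIManagement(ctx),
-"azure_app_service_environment": tableAzureAppServiceEnvironment(ctx),
-"azure_app_service_function_app": tableAzureAppServiceFunctionApp(ctx),
-"azure_app_service_plan": tableAzureAppServicePlan(ctx),
-"azure_app_service_web_app": tableAzureAppServiceWebApp(ctx),
-"azure_application_security_group": tableAzureApplicationSecurityGroup(ctx),
-"azure_compute_availability_set": tableAzureComputeAvailabilitySet(ctx),
-"azure_compute_disk": tableAzureComputeDisk(ctx),
-"azure_compute_disk_encryption_set": tableAzureComputeDiskEncryptionSet(ctx),
-"azure_compute_image": tableAzureComputeImage(ctx),
-"azure_compute_resource_sku": tableAzureResourceSku(ctx),
-"azure_compute_snapshot": tableAzureComputeSnapshot(ctx),
-"azure_compute_virtual_machine": tableAzureComputeVirtualMachine(ctx),
-"azure_cosmosdb_account": tableAzureCosmosDBAccount(ctx),
-"azure_cosmosdb_mongo_database": tableAzureCosmosDBMongoDatabase(ctx),
-"azure_cosmosdb_sql_database": tableAzureCosmosDBSQLDatabase(ctx),
-"azure_diagnostic_setting": tableAzureDiagnosticSetting(ctx),
-"azure_firewall": tableAzureFirewall(ctx),
-"azure_key_vault": tableAzureKeyVault(ctx),
-"azure_key_vault_key": tableAzureKeyVaultKey(ctx),
-"azure_key_vault_secret": tableAzureKeyVaultSecret(ctx),
-"azure_kubernetes_cluster": tableAzureKubernetesCluster(ctx),
-"azure_location": tableAzureLocation(ctx),
-"azure_log_alert": tableAzureLogAlert(ctx),
-"azure_log_profile": tableAzureLogProfile(ctx),
-"azure_management_lock": tableAzureManagementLock(ctx),
-"azure_mysql_server": tableAzureMySQLServer(ctx),
-"azure_network_interface": tableAzureNetworkInterface(ctx),
-"azure_network_security_group": tableAzureNetworkSecurityGroup(ctx),
-"azure_network_watcher": tableAzureNetworkWatcher(ctx),
-"azure_network_watcher_flow_log": tableAzureNetworkWatcherFlowLog(ctx),
-"azure_postgresql_server": tableAzurePostgreSqlServer(ctx),
-"azure_provider": tableAzureProvider(ctx),
-"azure_public_ip": tableAzurePublicIP(ctx),
-"azure_resource_group": tableAzureResourceGroup(ctx),
-"azure_role_assignment": tableAzureIamRoleAssignment(ctx),
-"azure_role_definition": tableAzureIamRoleDefinition(ctx),
-"azure_route_table": tableAzureRouteTable(ctx),
-"azure_sql_database": tableAzureSqlDatabase(ctx),
-"azure_sql_server": tableAzureSQLServer(ctx),
-"azure_storage_account": tableAzureStorageAccount(ctx),
-"azure_storage_blob_service": tableAzureStorageBlobService(ctx),
-"azure_storage_container": tableAzureStorageContainer(ctx),
-"azure_storage_queue": tableAzureStorageQueue(ctx),
-"azure_storage_table": tableAzureStorageTable(ctx),
-"azure_storage_table_service": tableAzureStorageTableService(ctx),
-"azure_subnet": tableAzureSubnet(ctx),
-"azure_virtual_network": tableAzureVirtualNetwork(ctx),
+"azure_ad_group": tableAzureAdGroup(ctx),
+"azure_ad_service_principal": tableAzureAdServicePrincipal(ctx),
+"azure_ad_user": tableAzureAdUser(ctx),
+"azure_api_management": tableAzureAPIManagement(ctx),
+"azure_app_service_environment": tableAzureAppServiceEnvironment(ctx),
+"azure_app_service_function_app": tableAzureAppServiceFunctionApp(ctx),
+"azure_app_service_plan": tableAzureAppServicePlan(ctx),
+"azure_app_service_web_app": tableAzureAppServiceWebApp(ctx),
+"azure_application_security_group": tableAzureApplicationSecurityGroup(ctx),
+"azure_compute_availability_set": tableAzureComputeAvailabilitySet(ctx),
+"azure_compute_disk": tableAzureComputeDisk(ctx),
+"azure_compute_disk_encryption_set": tableAzureComputeDiskEncryptionSet(ctx),
+"azure_compute_image": tableAzureComputeImage(ctx),
+"azure_compute_resource_sku": tableAzureResourceSku(ctx),
+"azure_compute_snapshot": tableAzureComputeSnapshot(ctx),
+"azure_compute_virtual_machine": tableAzureComputeVirtualMachine(ctx),
+"azure_cosmosdb_account": tableAzureCosmosDBAccount(ctx),
+"azure_cosmosdb_mongo_database": tableAzureCosmosDBMongoDatabase(ctx),
+"azure_cosmosdb_sql_database": tableAzureCosmosDBSQLDatabase(ctx),
+"azure_diagnostic_setting": tableAzureDiagnosticSetting(ctx),
+"azure_firewall": tableAzureFirewall(ctx),
+"azure_key_vault": tableAzureKeyVault(ctx),
+"azure_key_vault_key": tableAzureKeyVaultKey(ctx),
+"azure_key_vault_secret": tableAzureKeyVaultSecret(ctx),
+"azure_kubernetes_cluster": tableAzureKubernetesCluster(ctx),
+"azure_location": tableAzureLocation(ctx),
+"azure_log_alert": tableAzureLogAlert(ctx),
+"azure_log_profile": tableAzureLogProfile(ctx),
+"azure_management_lock": tableAzureManagementLock(ctx),
+"azure_mysql_server": tableAzureMySQLServer(ctx),
+"azure_network_interface": tableAzureNetworkInterface(ctx),
+"azure_network_security_group": tableAzureNetworkSecurityGroup(ctx),
+"azure_network_watcher": tableAzureNetworkWatcher(ctx),
+"azure_network_watcher_flow_log": tableAzureNetworkWatcherFlowLog(ctx),
+"azure_postgresql_server": tableAzurePostgreSqlServer(ctx),
+"azure_provider": tableAzureProvider(ctx),
+"azure_public_ip": tableAzurePublicIP(ctx),
+"azure_resource_group": tableAzureResourceGroup(ctx),
+"azure_role_assignment": tableAzureIamRoleAssignment(ctx),
+"azure_role_definition": tableAzureIamRoleDefinition(ctx),
+"azure_route_table": tableAzureRouteTable(ctx),
+"azure_security_center_auto_provisioning": tableAzureSecurityCenterAutoProvisioning(ctx),
+"azure_sql_database": tableAzureSqlDatabase(ctx),
+"azure_sql_server": tableAzureSQLServer(ctx),
+"azure_storage_account": tableAzureStorageAccount(ctx),
+"azure_storage_blob_service": tableAzureStorageBlobService(ctx),
+"azure_storage_container": tableAzureStorageContainer(ctx),
+"azure_storage_queue": tableAzureStorageQueue(ctx),
+"azure_storage_table": tableAzureStorageTable(ctx),
+"azure_storage_table_service": tableAzureStorageTableService(ctx),
+"azure_subnet": tableAzureSubnet(ctx),
+"azure_virtual_network": tableAzureVirtualNetwork(ctx),
 // "azure_storage_blob": tableAzureStorageBlob(ctx),
 // "azure_storage_table": tableAzureStorageTable(ctx),
 },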
117 changes: 117 additions & 0 deletions azure/table_azure_security_center_auto_provisioning.go
@@ -0,0 +1,117 @@
package azure

import (
"context"

"github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v1.0/security"
"github.com/turbot/steampipe-plugin-sdk/grpc/proto"
"github.com/turbot/steampipe-plugin-sdk/plugin/transform"

"github.com/turbot/steampipe-plugin-sdk/plugin"
)

//// TABLE DEFINITION

func tableAzureSecurityCenterAutoProvisioning(_ context.Context) *plugin.Table {
return &plugin.Table{
Name: "azure_security_center_auto_provisioning",
Description: "Azure Security Center Auto Provisioning",
Get: &plugin.GetConfig{
KeyColumns: plugin.SingleColumn("name"),
Hydrate: getSecurityCenterAutoProvisioning,
},
List: &plugin.ListConfig{
Hydrate: listSecurityCenterAutoProvisioning,
},
Columns: []*plugin.Column{
{
Name: "id",
Type: proto.ColumnType_STRING,
Description: "The resource id.",
Transform: transform.FromGo(),
},
{
Name: "name",
Description: "The resource name.",
Type: proto.ColumnType_STRING,
},
{
Name: "type",
Description: "The resource type.",
Type: proto.ColumnType_STRING,
},
{
Name: "auto_provision",
Description: "Describes what kind of security agent provisioning action to take. Possible values include: AutoProvisionOn, AutoProvisionOff",
bigdatasourav marked this conversation as resolved.
Type: proto.ColumnType_STRING,
Transform: transform.FromField("AutoProvisioningSettingProperties.AutoProvision"),
},

// Steampipe standard columns
{
Name: "title",
Description: ColumnDescriptionTitle,
Type: proto.ColumnType_STRING,
Transform: transform.FromField("Name"),
},
{
Name: "akas",
Description: ColumnDescriptionAkas,
Type: proto.ColumnType_JSON,
Transform: transform.FromField("ID").Transform(idToAkas),
},

// Azure standard columns
{
Name: "subscription_id",
Description: ColumnDescriptionSubscription,
Type: proto.ColumnType_STRING,
Transform: transform.FromField("ID").Transform(idToSubscriptionID),
},
},
}
}

//// LIST FUNCTION

func listSecurityCenterAutoProvisioning(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) {
session, err := GetNewSession(ctx, d, "MANAGEMENT")
if err != nil {
return nil, err
}

subscriptionID := session.SubscriptionID
autoProvisioningClient := security.NewAutoProvisioningSettingsClient(subscriptionID, "")
autoProvisioningClient.Authorizer = session.Authorizer

autoProvisioningList, err := autoProvisioningClient.List(ctx)
if err != nil {
return err, nil
}

for _, autoProvisioning := range autoProvisioningList.Values() {
d.StreamListItem(ctx, autoProvisioning)
}
return nil, nil
}

//// HYDRATE FUNCTIONS

func getSecurityCenterAutoProvisioning(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) {
session, err := GetNewSession(ctx, d, "MANAGEMENT")
if err != nil {
return nil, err
}
name := d.KeyColumnQuals["name"].GetStringValue()

subscriptionID := session.SubscriptionID
autoProvisioningClient := security.NewAutoProvisioningSettingsClient(subscriptionID, "")
autoProvisioningClient.Authorizer = session.Authorizer

bigdatasourav marked this conversation as resolved.
autoProvisioning, err := autoProvisioningClient.Get(ctx, name)
if err != nil {
return err, nil
}

return autoProvisioning, nil
}
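Review bot: Both hydrate functions return the API error in the wrong position: `return err, nil` after `autoProvisioningClient.List(ctx)` and again after `autoProvisioningClient.Get(ctx, name)` hands the error back as the result with a nil error, so both should be `return nil, err`. As written, a failed call (for example a principal without read access to Security Center) would presumably surface as an empty or malformed result instead of a query error, which lets a compliance query on `auto_provision` pass over a subscription it never actually read. The list function also streams only `autoProvisioningList.Values()`, which is the first page; looping on `NotDone()` and `NextWithContext(ctx)` covers any further pages, as sketched below. The `auto_provision` column description names the SDK constants `AutoProvisionOn`/`AutoProvisionOff`, while the docs example in this PR filters on `'On'`, so the description could say `On`/`Off` instead.

```go
// … unchanged: session lookup and client setup …
autoProvisioningList, err := autoProvisioningClient.List(ctx)
if err != nil {
	return nil, err
}

// Walk every page so settings beyond the first response are not dropped.
for autoProvisioningList.NotDone() {
	for _, autoProvisioning := range autoProvisioningList.Values() {
		d.StreamListItem(ctx, autoProvisioning)
	}
	if err = autoProvisioningList.NextWithContext(ctx); err != nil {
		return nil, err
	}
}
return nil, nil
```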
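--- a/docs/tables/azure_security_center_auto_provisioning.md
+++ b/docs/tables/azure_security_center_auto_provisioning.md
@@ -0,0 +1,31 @@
+# Table: azure_security_center_auto_provisioning
+
+Azure security center auto provisioning settings exposes the auto provisioning settings of the subscriptions.
+
+## Examples
+
+### Basic info
+
+```sql
+select
+id,
+name,
+type,
+auto_provision
+from
+azure_security_center_auto_provisioning;
+```
+
+### Ensure that Automatic provisioning of monitoring agent is set to On
+
+```sql
+select
+id,
+name,
+type,
+auto_provision
+from
+azure_security_center_auto_provisioning
+where
+auto_provision = 'On';
+```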