turbot · cbruno10 · May 19, 2021 · May 5, 2021 · May 6, 2021 · May 6, 2021
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/dependencies.txt b/azure-test/tests/azure_security_center_subscription_pricing/dependencies.txt
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-get-expected.json b/azure-test/tests/azure_security_center_subscription_pricing/test-get-expected.json
@@ -0,0 +1,7 @@
+[
+  {
+    "id": "{{ output.resource_id.value }}",
+    "name": "{{ output.resource_name.value }}",
+    "type": "Microsoft.Security/pricings"
+  }
+]
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-get-query.sql b/azure-test/tests/azure_security_center_subscription_pricing/test-get-query.sql
@@ -0,0 +1,3 @@
+select name, id, type
+from azure.azure_security_center_subscription_pricing
+where name = '{{ output.resource_name.value }}';
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-list-expected.json b/azure-test/tests/azure_security_center_subscription_pricing/test-list-expected.json
@@ -0,0 +1,6 @@
+[
+  {
+    "id": "{{ output.resource_id.value }}",
+    "name": "{{ output.resource_name.value }}"
+  }
+]
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-list-query.sql b/azure-test/tests/azure_security_center_subscription_pricing/test-list-query.sql
@@ -0,0 +1,3 @@
+select id, name
+from azure.azure_security_center_subscription_pricing
+where id = '{{ output.resource_id.value }}'
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-not-found-expected.json b/azure-test/tests/azure_security_center_subscription_pricing/test-not-found-expected.json
@@ -0,0 +1 @@
+null
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-not-found-query.sql b/azure-test/tests/azure_security_center_subscription_pricing/test-not-found-query.sql
@@ -0,0 +1,3 @@
+select name, akas, title
+from azure.azure_security_center_subscription_pricing
+where name = 'dummy-{{ output.resource_name.value }}';
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-turbot-expected.json b/azure-test/tests/azure_security_center_subscription_pricing/test-turbot-expected.json
@@ -0,0 +1,10 @@
+[
+  {
+    "akas": [
+      "{{ output.resource_aka.value }}",
+      "{{ output.resource_aka_lower.value }}"
+    ],
+    "name": "{{ output.resource_name.value }}",
+    "title": "{{ output.resource_name.value }}"
+  }
+]
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/test-turbot-query.sql b/azure-test/tests/azure_security_center_subscription_pricing/test-turbot-query.sql
@@ -0,0 +1,3 @@
+select name, akas, title
+from azure.azure_security_center_subscription_pricing
+where name = '{{ output.resource_name.value }}';
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/variables.json b/azure-test/tests/azure_security_center_subscription_pricing/variables.json
@@ -0,0 +1 @@
+{}
diff --git a/azure-test/tests/azure_security_center_subscription_pricing/variables.tf b/azure-test/tests/azure_security_center_subscription_pricing/variables.tf
@@ -0,0 +1,58 @@
+variable "resource_name" {
+  type        = string
+  default     = "turbot-test-20200125-create-update"
+  description = "Name of the resource used throughout the test."
+}
+
+variable "azure_environment" {
+  type        = string
+  default     = "public"
+  description = "Azure environment used for the test."
+}
+
+variable "azure_subscription" {
+  type        = string
+  default     = "3510ae4d-530b-497d-8f30-53b9616fc6c1"
+  description = "Azure subscription used for the test."
+}
+
+provider "azurerm" {
+  # Cannot be passed as a variable
+  version = "=2.43.0"
+  features {}
+  environment     = var.azure_environment
+  subscription_id = var.azure_subscription
+}
+
+data "azurerm_client_config" "current" {}
+
+data "null_data_source" "resource" {
+  inputs = {
+    scope = "azure:///subscriptions/${data.azurerm_client_config.current.subscription_id}"
+  }
+}
+
+resource "azurerm_security_center_subscription_pricing" "named_test_resource" {
+  tier          = "Free"
+  resource_type = "VirtualMachines"
+}
+
+output "resource_aka" {
+  value = "azure://${azurerm_security_center_subscription_pricing.named_test_resource.id}"
+}
+
+output "resource_aka_lower" {
+  value = "azure://${lower(azurerm_security_center_subscription_pricing.named_test_resource.id)}"
+}
+
+output "resource_id" {
+  value = azurerm_security_center_subscription_pricing.named_test_resource.id
+}
+
+output "resource_name" {
+  value = element(split("/", azurerm_security_center_subscription_pricing.named_test_resource.id), 6)
+}
+
+output "subscription_id" {
+  value = var.azure_subscription
+}
diff --git a/azure/plugin.go b/azure/plugin.go
@@ -22,62 +22,60 @@ func Plugin(ctx context.Context) *plugin.Plugin {
 			Schema:      ConfigSchema,
 		},
 		TableMap: map[string]*plugin.Table{
-			"azure_ad_group":                          tableAzureAdGroup(ctx),
-			"azure_ad_service_principal":              tableAzureAdServicePrincipal(ctx),
-			"azure_ad_user":                           tableAzureAdUser(ctx),
-			"azure_api_management":                    tableAzureAPIManagement(ctx),
-			"azure_app_service_environment":           tableAzureAppServiceEnvironment(ctx),
-			"azure_app_service_function_app":          tableAzureAppServiceFunctionApp(ctx),
-			"azure_app_service_plan":                  tableAzureAppServicePlan(ctx),
-			"azure_app_service_web_app":               tableAzureAppServiceWebApp(ctx),
-			"azure_application_security_group":        tableAzureApplicationSecurityGroup(ctx),
-			"azure_compute_availability_set":          tableAzureComputeAvailabilitySet(ctx),
-			"azure_compute_disk":                      tableAzureComputeDisk(ctx),
-			"azure_compute_disk_encryption_set":       tableAzureComputeDiskEncryptionSet(ctx),
-			"azure_compute_image":                     tableAzureComputeImage(ctx),
-			"azure_compute_resource_sku":              tableAzureResourceSku(ctx),
-			"azure_compute_snapshot":                  tableAzureComputeSnapshot(ctx),
-			"azure_compute_virtual_machine":           tableAzureComputeVirtualMachine(ctx),
-			"azure_cosmosdb_account":                  tableAzureCosmosDBAccount(ctx),
-			"azure_cosmosdb_mongo_database":           tableAzureCosmosDBMongoDatabase(ctx),
-			"azure_cosmosdb_sql_database":             tableAzureCosmosDBSQLDatabase(ctx),
-			"azure_diagnostic_setting":                tableAzureDiagnosticSetting(ctx),
-			"azure_firewall":                          tableAzureFirewall(ctx),
-			"azure_key_vault":                         tableAzureKeyVault(ctx),
-			"azure_key_vault_key":                     tableAzureKeyVaultKey(ctx),
-			"azure_key_vault_secret":                  tableAzureKeyVaultSecret(ctx),
-			"azure_kubernetes_cluster":                tableAzureKubernetesCluster(ctx),
-			"azure_location":                          tableAzureLocation(ctx),
-			"azure_log_alert":                         tableAzureLogAlert(ctx),
-			"azure_log_profile":                       tableAzureLogProfile(ctx),
-			"azure_management_lock":                   tableAzureManagementLock(ctx),
-			"azure_mysql_server":                      tableAzureMySQLServer(ctx),
-			"azure_network_interface":                 tableAzureNetworkInterface(ctx),
-			"azure_network_security_group":            tableAzureNetworkSecurityGroup(ctx),
-			"azure_network_watcher":                   tableAzureNetworkWatcher(ctx),
-			"azure_network_watcher_flow_log":          tableAzureNetworkWatcherFlowLog(ctx),
-			"azure_policy_assignment":                 tableAzurePolicyAssignment(ctx),
-			"azure_postgresql_server":                 tableAzurePostgreSqlServer(ctx),
-			"azure_provider":                          tableAzureProvider(ctx),
-			"azure_public_ip":                         tableAzurePublicIP(ctx),
-			"azure_resource_group":                    tableAzureResourceGroup(ctx),
-			"azure_role_assignment":                   tableAzureIamRoleAssignment(ctx),
-			"azure_role_definition":                   tableAzureIamRoleDefinition(ctx),
-			"azure_route_table":                       tableAzureRouteTable(ctx),
-			"azure_security_center_auto_provisioning": tableAzureSecurityCenterAutoProvisioning(ctx),
-			"azure_security_center_contact":           tableAzureSecurityCenterContact(ctx),
-			"azure_sql_database":                      tableAzureSqlDatabase(ctx),
-			"azure_sql_server":                        tableAzureSQLServer(ctx),
-			"azure_storage_account":                   tableAzureStorageAccount(ctx),
-			"azure_storage_blob_service":              tableAzureStorageBlobService(ctx),
-			"azure_storage_container":                 tableAzureStorageContainer(ctx),
-			"azure_storage_queue":                     tableAzureStorageQueue(ctx),
-			"azure_storage_table":                     tableAzureStorageTable(ctx),
-			"azure_storage_table_service":             tableAzureStorageTableService(ctx),
-			"azure_subnet":                            tableAzureSubnet(ctx),
-			"azure_virtual_network":                   tableAzureVirtualNetwork(ctx),
-			// "azure_storage_blob":                   tableAzureStorageBlob(ctx),
-			// "azure_storage_table":                  tableAzureStorageTable(ctx),
+			"azure_ad_group":                             tableAzureAdGroup(ctx),
+			"azure_ad_service_principal":                 tableAzureAdServicePrincipal(ctx),
+			"azure_ad_user":                              tableAzureAdUser(ctx),
+			"azure_api_management":                       tableAzureAPIManagement(ctx),
+			"azure_app_service_environment":              tableAzureAppServiceEnvironment(ctx),
+			"azure_app_service_function_app":             tableAzureAppServiceFunctionApp(ctx),
+			"azure_app_service_plan":                     tableAzureAppServicePlan(ctx),
+			"azure_app_service_web_app":                  tableAzureAppServiceWebApp(ctx),
+			"azure_application_security_group":           tableAzureApplicationSecurityGroup(ctx),
+			"azure_compute_availability_set":             tableAzureComputeAvailabilitySet(ctx),
+			"azure_compute_disk":                         tableAzureComputeDisk(ctx),
+			"azure_compute_disk_encryption_set":          tableAzureComputeDiskEncryptionSet(ctx),
+			"azure_compute_image":                        tableAzureComputeImage(ctx),
+			"azure_compute_resource_sku":                 tableAzureResourceSku(ctx),
+			"azure_compute_snapshot":                     tableAzureComputeSnapshot(ctx),
+			"azure_compute_virtual_machine":              tableAzureComputeVirtualMachine(ctx),
+			"azure_cosmosdb_account":                     tableAzureCosmosDBAccount(ctx),
+			"azure_cosmosdb_mongo_database":              tableAzureCosmosDBMongoDatabase(ctx),
+			"azure_cosmosdb_sql_database":                tableAzureCosmosDBSQLDatabase(ctx),
+			"azure_diagnostic_setting":                   tableAzureDiagnosticSetting(ctx),
+			"azure_firewall":                             tableAzureFirewall(ctx),
+			"azure_key_vault":                            tableAzureKeyVault(ctx),
+			"azure_key_vault_key":                        tableAzureKeyVaultKey(ctx),
+			"azure_key_vault_secret":                     tableAzureKeyVaultSecret(ctx),
+			"azure_kubernetes_cluster":                   tableAzureKubernetesCluster(ctx),
+			"azure_location":                             tableAzureLocation(ctx),
+			"azure_log_alert":                            tableAzureLogAlert(ctx),
+			"azure_log_profile":                          tableAzureLogProfile(ctx),
+			"azure_management_lock":                      tableAzureManagementLock(ctx),
+			"azure_mysql_server":                         tableAzureMySQLServer(ctx),
+			"azure_network_interface":                    tableAzureNetworkInterface(ctx),
+			"azure_network_security_group":               tableAzureNetworkSecurityGroup(ctx),
+			"azure_network_watcher":                      tableAzureNetworkWatcher(ctx),
+			"azure_network_watcher_flow_log":             tableAzureNetworkWatcherFlowLog(ctx),
+			"azure_postgresql_server":                    tableAzurePostgreSqlServer(ctx),
+			"azure_provider":                             tableAzureProvider(ctx),
+			"azure_public_ip":                            tableAzurePublicIP(ctx),
+			"azure_resource_group":                       tableAzureResourceGroup(ctx),
+			"azure_role_assignment":                      tableAzureIamRoleAssignment(ctx),
+			"azure_role_definition":                      tableAzureIamRoleDefinition(ctx),
+			"azure_route_table":                          tableAzureRouteTable(ctx),
+			"azure_security_center_subscription_pricing": tableAzureSecurityCenterPricing(ctx),
+			"azure_sql_database":                         tableAzureSqlDatabase(ctx),
+			"azure_sql_server":                           tableAzureSQLServer(ctx),
+			"azure_storage_account":                      tableAzureStorageAccount(ctx),
+			"azure_storage_blob_service":                 tableAzureStorageBlobService(ctx),
+			"azure_storage_container":                    tableAzureStorageContainer(ctx),
+			"azure_storage_queue":                        tableAzureStorageQueue(ctx),
+			"azure_storage_table":                        tableAzureStorageTable(ctx),
+			"azure_storage_table_service":                tableAzureStorageTableService(ctx),
+			"azure_subnet":                               tableAzureSubnet(ctx),
+			"azure_virtual_network":                      tableAzureVirtualNetwork(ctx),
+			// "azure_storage_blob":                tableAzureStorageBlob(ctx),
+			// "azure_storage_table":               tableAzureStorageTable(ctx),
 		},
 	}
 

diff --git a/azure/table_azure_security_center_subscription_pricing.go b/azure/table_azure_security_center_subscription_pricing.go
@@ -0,0 +1,130 @@
+package azure
+
+import (
+	"context"
+
+	"github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v3.0/security"
+	"github.com/turbot/steampipe-plugin-sdk/grpc/proto"
+	"github.com/turbot/steampipe-plugin-sdk/plugin/transform"
+
+	"github.com/turbot/steampipe-plugin-sdk/plugin"
+)
+
+//// TABLE DEFINITION
+
+func tableAzureSecurityCenterPricing(_ context.Context) *plugin.Table {
+	return &plugin.Table{
+		Name:        "azure_security_center_subscription_pricing",
+		Description: "Azure Security Center Subscription Pricing",
+		Get: &plugin.GetConfig{
+			KeyColumns: plugin.SingleColumn("name"),
+			Hydrate:    getSecurityCenterPricing,
+		},
+		List: &plugin.ListConfig{
+			Hydrate: listSecurityCenterPricings,
+		},
+		Columns: []*plugin.Column{
+			{
+				Name:        "id",
+				Description: "The pricing id.",
+				Type:        proto.ColumnType_STRING,
+				Transform:   transform.FromGo(),
+			},
+			{
+				Name:        "name",
+				Description: "Name of the pricing.",
+				Type:        proto.ColumnType_STRING,
+				Transform:   transform.FromGo(),
+			},
+			{
+				Name:        "pricing_tier",
+				Type:        proto.ColumnType_STRING,
+				Description: "The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features.",
+				Transform:   transform.FromField("PricingProperties.PricingTier"),
+			},
+			{
+				Name:        "free_trial_remaining_time",
+				Description: "The duration left for the subscriptions free trial period.",
+				Type:        proto.ColumnType_STRING,
+				Transform:   transform.FromField("PricingProperties.FreeTrialRemainingTime"),
+			},
+			{
+				Name:        "type",
+				Type:        proto.ColumnType_STRING,
+				Description: "Type of the pricing.",
+				Transform:   transform.FromGo(),
+			},
+
+			// Steampipe standard columns
+			{
+				Name:        "title",
+				Description: ColumnDescriptionTitle,
+				Type:        proto.ColumnType_STRING,
+				Transform:   transform.FromField("Name"),
+			},
+			{
+				Name:        "akas",
+				Description: ColumnDescriptionAkas,
+				Type:        proto.ColumnType_JSON,
+				Transform:   transform.FromField("ID").Transform(idToAkas),
+			},
+
+			// Azure standard columns
+			{
+				Name:        "subscription_id",
+				Description: ColumnDescriptionSubscription,
+				Type:        proto.ColumnType_STRING,
+				Transform:   transform.FromField("ID").Transform(idToSubscriptionID),
+			},
+		},
+	}
+}
+
+//// LIST FUNCTION
+
+func listSecurityCenterPricings(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) {
+	session, err := GetNewSession(ctx, d, "MANAGEMENT")
+	if err != nil {
+		return nil, err
+	}
+
+	subscriptionID := session.SubscriptionID
+	settingClient := security.NewPricingsClient(subscriptionID, "")
+	settingClient.Authorizer = session.Authorizer
+
+	pricingList, err := settingClient.List(ctx)
+	if err != nil {
+		return err, nil
+	}
+
+	for _, pricing := range *pricingList.Value {
+		d.StreamListItem(ctx, pricing)
+	}
+	return nil, nil
+}
+
+//// HYDRATE FUNCTIONS
+
+func getSecurityCenterPricing(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) {
+	session, err := GetNewSession(ctx, d, "MANAGEMENT")
+	if err != nil {
+		return nil, err
+	}
+	name := d.KeyColumnQuals["name"].GetStringValue()
+
+	// Handle empty input for get call
+	if name == "" {
+		return nil, nil
+	}
+
+	subscriptionID := session.SubscriptionID
+	settingClient := security.NewPricingsClient(subscriptionID, name)
+	settingClient.Authorizer = session.Authorizer
+
+	setting, err := settingClient.Get(ctx, name)
+	if err != nil {
+		return err, nil
+	}
+
+	return setting, nil
+}
diff --git a/docs/tables/azure_security_center_subscription_pricing.md b/docs/tables/azure_security_center_subscription_pricing.md
@@ -0,0 +1,29 @@
+# Table: azure_security_center_subscription_pricing
+
+Azure security center pricing configurations for the subscription.
+
+## Examples
+
+### Basic info
+
+```sql
+select
+  id,
+  name,
+  pricing_tier
+from
+  azure_security_center_subscription_pricing;
+```
+
+### List pricing information for virtual machines
+
+```sql
+select
+  id,
+  name,
+  pricing_tier
+from
+  azure_security_center_subscription_pricing
+where
+  name = 'VirtualMachines';
+```