Add table azure_firewall_policy. closes #554 #598

Merged
merged 2 commits into from
Mar 31, 2023

@ParthaI ParthaI commented Mar 30, 2023

Integration test logs

Logs
No env file present for the current environment:  staging 
 Falling back to .env config
No env file present for the current environment:  staging
customEnv TURBOT_TEST_EXPECTED_TIMEOUT undefined

SETUP: tests/azure_firewall_policy []

PRETEST: tests/azure_firewall_policy

TEST: tests/azure_firewall_policy
Running terraform
data.azurerm_client_config.current: Reading...
data.azurerm_client_config.current: Read complete after 0s [id=Y2xpZW50Q29uZmlncy9jbGllbnRJZD0wNGIwNzc5NS04ZGRiLTQ2MWEtYmJlZS0wMmY5ZTFiZjdiNDY7b2JqZWN0SWQ9MDZmZDQ2YjAtYTg2Ny00OWExLWE0ZjEtZjc3Njg0NjVjYWJhO3N1YnNjcmlwdGlvbklkPWQ0NmQ3NDE2LWY5NWYtNDc3MS1iYmI1LTUyOWQ0Yzc2NjU5Yzt0ZW5hbnRJZD1jZGZmZDcwOC03ZGEwLTRjZWEtYWJlYi0wYTRjMzM0ZDdmNjQ=]
data.null_data_source.resource: Reading...
data.null_data_source.resource: Read complete after 0s [id=static]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_firewall_policy.named_test_resource will be created
  + resource "azurerm_firewall_policy" "named_test_resource" {
      + child_policies           = (known after apply)
      + firewalls                = (known after apply)
      + id                       = (known after apply)
      + location                 = "westus"
      + name                     = "turbottest52142"
      + resource_group_name      = "turbottest52142"
      + rule_collection_groups   = (known after apply)
      + sku                      = (known after apply)
      + tags                     = {
          + "name" = "turbottest52142"
        }
      + threat_intelligence_mode = "Alert"
    }

  # azurerm_resource_group.named_test_resource will be created
  + resource "azurerm_resource_group" "named_test_resource" {
      + id       = (known after apply)
      + location = "westus"
      + name     = "turbottest52142"
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + resource_aka       = (known after apply)
  + resource_aka_lower = (known after apply)
  + resource_id        = (known after apply)
  + resource_name      = "turbottest52142"
  + subscription_id    = "783ur395-f95f-4771-bbb5-529d4c73hrit"
azurerm_resource_group.named_test_resource: Creating...
azurerm_resource_group.named_test_resource: Creation complete after 2s [id=/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142]
azurerm_firewall_policy.named_test_resource: Creating...
azurerm_firewall_policy.named_test_resource: Still creating... [10s elapsed]
azurerm_firewall_policy.named_test_resource: Creation complete after 18s [id=/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142]

Warning: Deprecated

  with data.null_data_source.resource,
  on variables.tf line 30, in data "null_data_source" "resource":
  30: data "null_data_source" "resource" {

The null_data_source was historically used to construct intermediate values
to re-use elsewhere in configuration, the same can now be achieved using
locals

(and one more similar warning elsewhere)

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Outputs:

resource_aka = "azure:///subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142"
resource_aka_lower = "azure:///subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourcegroups/turbottest52142/providers/microsoft.network/firewallpolicies/turbottest52142"
resource_id = "/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142"
resource_name = "turbottest52142"
subscription_id = "783ur395-f95f-4771-bbb5-529d4c73hrit"

Running SQL query: test-get-query.sql
[
  {
    "id": "/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142",
    "name": "turbottest52142",
    "provisioning_state": "Succeeded",
    "resource_group": "turbottest52142",
    "type": "Microsoft.Network/FirewallPolicies"
  }
]
✔ PASSED

Running SQL query: test-list-query.sql
[
  {
    "id": "/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142",
    "name": "turbottest52142"
  }
]
✔ PASSED

Running SQL query: test-not-found-query.sql
null
✔ PASSED

Running SQL query: test-turbot-query.sql
[
  {
    "akas": [
      "azure:///subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest52142/providers/Microsoft.Network/firewallPolicies/turbottest52142",
      "azure:///subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourcegroups/turbottest52142/providers/microsoft.network/firewallpolicies/turbottest52142"
    ],
    "name": "turbottest52142",
    "tags": {
      "name": "turbottest52142"
    },
    "title": "turbottest52142"
  }
]
✔ PASSED

POSTTEST: tests/azure_firewall_policy

TEARDOWN: tests/azure_firewall_policy

SUMMARY:

1/1 passed.


Example query results

Results

> select * from azure_firewall_policy
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->
| name            | id                                                                                                                                              | etag                                 | type                               | provisioning_state | intrus>
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->
| turbottest72407 | /subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest72407/providers/Microsoft.Network/firewallPolicies/turbottest72407 | fe12de64-6b76-4f5f-b7eb-6339898b5cf7 | Microsoft.Network/FirewallPolicies | Succeeded          | <null>>
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->

> select * from azure_firewall_policy where id = '/subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest72407/providers/Microsoft.Network/firewallPolicies/turbottest72407'
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->
| name            | id                                                                                                                                              | etag                                 | type                               | provisioning_state | intrus>
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->
| turbottest72407 | /subscriptions/783ur395-f95f-4771-bbb5-529d4c73hrit/resourceGroups/turbottest72407/providers/Microsoft.Network/firewallPolicies/turbottest72407 | fe12de64-6b76-4f5f-b7eb-6339898b5cf7 | Microsoft.Network/FirewallPolicies | Succeeded          | <null>>
+-----------------+-------------------------------------------------------------------------------------------------------------------------------------------------+--------------------------------------+------------------------------------+--------------------+------->

@ParthaI ParthaI requested a review from misraved March 30, 2023 14:22
@ParthaI ParthaI self-assigned this Mar 30, 2023
@ParthaI ParthaI linked an issue Mar 30, 2023 that may be closed by this pull request

@misraved misraved left a comment


@ParthaI please take a look at the review comments. Thanks!!

Also could you please add a few more examples around the threat_intel_* columns?

},
{
Name: "etag",
Description: "An unique read-only string that changes whenever the resource is updated.",

Suggested change
Description: "An unique read-only string that changes whenever the resource is updated.",
Description: "A unique read-only string that changes whenever the resource is updated.",

},
{
Name: "rule_collection_groups",
Description: "List of references to FirewallPolicyRuleCollectionGroups",

Suggested change
Description: "List of references to FirewallPolicyRuleCollectionGroups",
Description: "List of references to FirewallPolicyRuleCollectionGroups.",

}
}
}
return nil, err

Suggested change
return nil, err
return nil, nil
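
Review bot: On the final `return nil, err` after the three closing braces, confirm whether `err` can still be non-nil when execution reaches this line. If every error is already returned inside the block above, `return nil, nil` states the not-found result explicitly, which is what the `test-not-found-query.sql` run expects (`null`). If an error can still reach this point, switching to `nil, nil` would silently drop it, so handle or log it before the return.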

Comment on lines 248 to 276
//// Transform Functions

// func ipConfigurationData(ctx context.Context, d *transform.TransformData) (interface{}, error) {
// data := d.HydrateItem.(network.AzureFirewall)

// var output []map[string]interface{}
// // Add a check for AzureFirewallPropertiesFormat.IPConfigurations data to ensure that
// // it is not null to avoid panic errors
// if data.AzureFirewallPropertiesFormat.IPConfigurations != nil {
// for _, firewall := range *data.AzureFirewallPropertiesFormat.IPConfigurations {
// objectMap := make(map[string]interface{})
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.PrivateIPAddress != nil {
// objectMap["privateIPAddress"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.PrivateIPAddress
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.PublicIPAddress != nil {
// objectMap["publicIPAddress"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.PublicIPAddress
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.Subnet != nil {
// objectMap["subnet"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.Subnet
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.ProvisioningState != "" {
// objectMap["provisioningState"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.ProvisioningState
// }
// output = append(output, objectMap)
// }
// return output, nil
// }
// return nil, nil
// }

Suggested change
//// Transform Functions
// func ipConfigurationData(ctx context.Context, d *transform.TransformData) (interface{}, error) {
// data := d.HydrateItem.(network.AzureFirewall)
// var output []map[string]interface{}
// // Add a check for AzureFirewallPropertiesFormat.IPConfigurations data to ensure that
// // it is not null to avoid panic errors
// if data.AzureFirewallPropertiesFormat.IPConfigurations != nil {
// for _, firewall := range *data.AzureFirewallPropertiesFormat.IPConfigurations {
// objectMap := make(map[string]interface{})
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.PrivateIPAddress != nil {
// objectMap["privateIPAddress"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.PrivateIPAddress
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.PublicIPAddress != nil {
// objectMap["publicIPAddress"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.PublicIPAddress
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.Subnet != nil {
// objectMap["subnet"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.Subnet
// }
// if firewall.AzureFirewallIPConfigurationPropertiesFormat.ProvisioningState != "" {
// objectMap["provisioningState"] = firewall.AzureFirewallIPConfigurationPropertiesFormat.ProvisioningState
// }
// output = append(output, objectMap)
// }
// return output, nil
// }
// return nil, nil
// }
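
Review bot: The commented-out `ipConfigurationData` (lines 248 to 276) asserts `d.HydrateItem.(network.AzureFirewall)`, which is the firewall type rather than a firewall policy type, so it looks carried over from another table and is never called here. Delete the block and the `//// Transform Functions` header instead of keeping them commented out; if a transform is needed later it should be written against the policy type.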

provisioning_state = 'Failed';
```

### Get firewall details for each policy

Suggested change
### Get firewall details for each policy
### Get firewall details of each policy

f.id = firewall -> 'ID';
```

### Get DNS setting details for each policy

Suggested change
### Get DNS setting details for each policy
### Get DNS setting details of each policy
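
Review bot: In the join condition `f.id = firewall -> 'ID'` at the top of this hunk, `->` returns a JSON value rather than text. If `f.id` is a text column, as `id` is in the example query results above, the comparison has no matching operator and the documented query will not run as written. Use `firewall ->> 'ID'` so both sides are text.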

@misraved misraved merged commit 81b9623 into main Mar 31, 2023
@misraved misraved deleted the issue-554 branch March 31, 2023 12:27