Add table azure_key_vault_key. Closes #72 #73

Merged
merged 9 commits into from
Apr 29, 2021
Empty file.
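--- a/azure-test/tests/azure_key_vault_key/test-get-expected.json
+++ b/azure-test/tests/azure_key_vault_key/test-get-expected.json
@@ -0,0 +1,19 @@
+[
+{
+"curve_name": "",
+"enabled": true,
+"id": "/subscriptions/{{ output.subscription_id.value }}/resourceGroups/{{ resourceName }}/providers/Microsoft.KeyVault/vaults/{{ resourceName }}/keys/{{ resourceName }}",
+"key_ops": ["decrypt", "encrypt", "sign", "unwrapKey", "verify", "wrapKey"],
+"key_size": 2048,
+"key_type": "RSA",
+"key_uri": "{{ output.key_uri_without_version.value }}",
+"key_uri_with_version": "{{ output.key_uri_without_version.value }}/{{ output.key_version.value }}",
+"location": "{{ output.location.value }}",
+"name": "{{ resourceName }}",
+"region": "{{ output.location_lower.value }}",
+"resource_group": "{{ resourceName }}",
+"subscription_id": "{{ output.subscription_id.value }}",
+"type": "Microsoft.KeyVault/vaults/keys",
+"vault_name": "{{ resourceName }}"
+}
+]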
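--- a/azure-test/tests/azure_key_vault_key/test-get-query.sql
+++ b/azure-test/tests/azure_key_vault_key/test-get-query.sql
@@ -0,0 +1,22 @@
+select
+name,
+id,
+vault_name,
+enabled,
+key_type,
+curve_name,
+key_size,
+key_uri,
+key_uri_with_version,
+location,
+type,
+key_ops,
+region,
+resource_group,
+subscription_id
+from
+azure.azure_key_vault_key
+where
+name = '{{ resourceName }}'
+and vault_name = '{{ resourceName }}'
+and resource_group = '{{ resourceName }}';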
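--- a/azure-test/tests/azure_key_vault_key/test-list-expected.json
+++ b/azure-test/tests/azure_key_vault_key/test-list-expected.json
@@ -0,0 +1,6 @@
+[
+{
+"id": "/subscriptions/{{ output.subscription_id.value }}/resourceGroups/{{ resourceName }}/providers/Microsoft.KeyVault/vaults/{{ resourceName }}/keys/{{ resourceName }}",
+"name": "{{ resourceName }}"
+}
+]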
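--- a/azure-test/tests/azure_key_vault_key/test-list-query.sql
+++ b/azure-test/tests/azure_key_vault_key/test-list-query.sql
@@ -0,0 +1,7 @@
+select
+id,
+name
+from
+azure.azure_key_vault_key
+where
+name = '{{ resourceName }}';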
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
null
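--- a/azure-test/tests/azure_key_vault_key/test-not-found-query.sql
+++ b/azure-test/tests/azure_key_vault_key/test-not-found-query.sql
@@ -0,0 +1,11 @@
+select
+name,
+akas,
+tags,
+title
+from
+azure.azure_key_vault_key
+where
+name = 'dummy-{{ resourceName }}'
+and resource_group = '{{ resourceName }}'
+and vault_name = '{{ resourceName }}';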
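--- a/azure-test/tests/azure_key_vault_key/test-turbot-expected.json
+++ b/azure-test/tests/azure_key_vault_key/test-turbot-expected.json
@@ -0,0 +1,13 @@
+[
+{
+"akas": [
+"azure:///subscriptions/{{ output.subscription_id.value }}/resourceGroups/{{ resourceName }}/providers/Microsoft.KeyVault/vaults/{{ resourceName }}/keys/{{ resourceName }}",
+"azure:///subscriptions/{{ output.subscription_id.value }}/resourcegroups/{{ resourceName }}/providers/microsoft.keyvault/vaults/{{ resourceName }}/keys/{{ resourceName }}"
+],
+"name": "{{ resourceName }}",
+"tags": {
+"name": "{{ resourceName }}"
+},
+"title": "{{ resourceName }}"
+}
+]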
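--- a/azure-test/tests/azure_key_vault_key/test-turbot-query.sql
+++ b/azure-test/tests/azure_key_vault_key/test-turbot-query.sql
@@ -0,0 +1,11 @@
+select
+name,
+akas,
+title,
+tags
+from
+azure.azure_key_vault_key
+where
+name = '{{ resourceName }}'
+and resource_group = '{{ resourceName }}'
+and vault_name = '{{ resourceName }}';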
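--- a/azure-test/tests/azure_key_vault_key/variables.json
+++ b/azure-test/tests/azure_key_vault_key/variables.json
@@ -0,0 +1 @@
+{}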
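--- a/azure-test/tests/azure_key_vault_key/variables.tf
+++ b/azure-test/tests/azure_key_vault_key/variables.tf
@@ -0,0 +1,123 @@
+
+variable "resource_name" {
+type = string
+default = "turbot-test-20200125-create-update"
+description = "Name of the resource used throughout the test."
+}
+
+variable "azure_environment" {
+type = string
+default = "public"
+description = "Azure environment used for the test."
+}
+
+variable "azure_subscription" {
+type = string
+default = "3510ae4d-530b-497d-8f30-53b9616fc6c1"
+description = "Azure subscription used for the test."
+}
+
+provider "azurerm" {
+features {}
+environment = var.azure_environment
+subscription_id = var.azure_subscription
+}
+
+data "azurerm_client_config" "current" {}
+
+data "null_data_source" "resource" {
+inputs = {
+scope = "azure:///subscriptions/${data.azurerm_client_config.current.subscription_id}"
+}
+}
+
+resource "azurerm_resource_group" "named_test_resource" {
+name = var.resource_name
+location = "West US"
+}
+
+resource "azurerm_key_vault" "named_test_resource" {
+name = var.resource_name
+location = azurerm_resource_group.named_test_resource.location
+resource_group_name = azurerm_resource_group.named_test_resource.name
+sku_name = "standard"
+soft_delete_retention_days = 7
+tenant_id = data.azurerm_client_config.current.tenant_id
+
+access_policy {
+tenant_id = data.azurerm_client_config.current.tenant_id
+object_id = data.azurerm_client_config.current.object_id
+
+key_permissions = [
+"create",
+"delete",
+"get",
+"purge",
+"recover"
+]
+
+secret_permissions = [
+"set",
+]
+}
+
+tags = {
+name = var.resource_name
+}
+}
+
+resource "azurerm_key_vault_key" "named_test_resource" {
+name = var.resource_name
+key_vault_id = azurerm_key_vault.named_test_resource.id
+key_type = "RSA"
+key_size = 2048
+
+key_opts = [
+"decrypt",
+"encrypt",
+"sign",
+"unwrapKey",
+"verify",
+"wrapKey",
+]
+
+tags = {
+name = var.resource_name
+}
+}
+
+output "resource_aka" {
+value = "azure://${azurerm_key_vault_key.named_test_resource.id}"
+}
+
+output "resource_aka_lower" {
+value = "azure://${lower(azurerm_key_vault_key.named_test_resource.id)}"
+}
+
+output "resource_name" {
+value = var.resource_name
+}
+
+output "location" {
+value = azurerm_resource_group.named_test_resource.location
+}
+
+output "location_lower" {
+value = lower(azurerm_resource_group.named_test_resource.location)
+}
+
+output "resource_id" {
+value = azurerm_key_vault_key.named_test_resource.id
+}
+
+output "key_version" {
+value = azurerm_key_vault_key.named_test_resource.version
+}
+
+output "key_uri_without_version" {
+value = azurerm_key_vault_key.named_test_resource.versionless_id
+}
+
+output "subscription_id" {
+value = var.azure_subscription
+}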
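Review bot: The `azure_subscription` variable ships a concrete subscription GUID as its default (`default = "3510ae4d-530b-497d-8f30-53b9616fc6c1"`), which pins the fixture to one tenant's subscription and publishes that identifier in the repository. Dropping the `default` line makes the caller supply the value (for example through `TF_VAR_azure_subscription`), so a run without it stops at the missing variable instead of targeting a subscription the contributor did not choose. The vault's `access_policy` also grants `secret_permissions = ["set"]` although nothing in this file creates a secret; removing that entry keeps the test identity to the key permissions the fixture actually uses. `data "null_data_source" "resource"` is not referenced by any resource or output in this file and could be deleted.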
3 changes: 2 additions & 1 deletion azure/plugin.go
Expand Up @@ -44,6 +44,7 @@ func Plugin(ctx context.Context) *plugin.Plugin {
"azure_diagnostic_setting": tableAzureDiagnosticSetting(ctx),
"azure_firewall": tableAzureFirewall(ctx),
"azure_key_vault": tableAzureKeyVault(ctx),
"azure_key_vault_key": tableAzureKeyVaultKey(ctx),
"azure_key_vault_secret": tableAzureKeyVaultSecret(ctx),
"azure_location": tableAzureLocation(ctx),
"azure_log_alert": tableAzureLogAlert(ctx),
Expand All @@ -61,8 +62,8 @@ func Plugin(ctx context.Context) *plugin.Plugin {
"azure_role_assignment": tableAzureIamRoleAssignment(ctx),
"azure_role_definition": tableAzureIamRoleDefinition(ctx),
"azure_route_table": tableAzureRouteTable(ctx),
"azure_sql_server": tableAzureSQLServer(ctx),
"azure_sql_database": tableAzureSqlDatabase(ctx),
"azure_sql_server": tableAzureSQLServer(ctx),
"azure_storage_account": tableAzureStorageAccount(ctx),
"azure_storage_blob_service": tableAzureStorageBlobService(ctx),
"azure_storage_container": tableAzureStorageContainer(ctx),