From 447c6bcfa282dc2ee082acf4bc396b7837730140 Mon Sep 17 00:00:00 2001 From: ParthaI Date: Mon, 3 Jun 2024 18:31:54 +0530 Subject: [PATCH 1/2] Fixed missing web_application_firewall_configuration details in table azure_application_gateway Closes #765 --- azure/table_azure_application_gateway.go | 41 ++++++++++++++++++++++-- 1 file changed, 39 insertions(+), 2 deletions(-) diff --git a/azure/table_azure_application_gateway.go b/azure/table_azure_application_gateway.go index a7ef5b5d..6b2c58de 100644 --- a/azure/table_azure_application_gateway.go +++ b/azure/table_azure_application_gateway.go @@ -2,9 +2,11 @@ package azure import ( "context" + "reflect" + "strings" - "github.com/Azure/azure-sdk-for-go/profiles/preview/preview/monitor/mgmt/insights" "github.com/Azure/azure-sdk-for-go/profiles/latest/network/mgmt/network" + "github.com/Azure/azure-sdk-for-go/profiles/preview/preview/monitor/mgmt/insights" "github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" "github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" @@ -241,11 +243,16 @@ func tableAzureApplicationGateway(_ context.Context) *plugin.Table { Type: proto.ColumnType_JSON, Transform: transform.From(extractGatewayURLPathMaps), }, + // The list/get API response contains a property called WebApplicationFirewallConfiguration. + // However, in all cases, we are receiving a null value for this property. + // The CLI command exhibits the same behavior as the API. + // Therefore, we have added a hydrate function to retrieve these details. { Name: "web_application_firewall_configuration", Description: "Web application firewall configuration of the application gateway.", Type: proto.ColumnType_JSON, - Transform: transform.FromField("ApplicationGatewayPropertiesFormat.WebApplicationFirewallConfiguration"), + Hydrate: getWebApplicationFirewallConfiguration, + Transform: transform.FromValue(), }, { Name: "zones", @@ -405,6 +412,36 @@ func listApplicationGatewayDiagnosticSettings(ctx context.Context, d *plugin.Que return diagnosticSettings, nil } +func getWebApplicationFirewallConfiguration(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) { + firewallPolicy := h.Item.(network.ApplicationGateway).FirewallPolicy + + // Check for any WAF policy association + if firewallPolicy == nil { + return nil, nil + } + policyId := firewallPolicy.ID + rgName := strings.Split(*policyId, "/")[4] + policyname := strings.Split(*policyId, "/")[len(strings.Split(*policyId, "/"))-1] + + // Create session + session, err := GetNewSession(ctx, d, "MANAGEMENT") + if err != nil { + return nil, err + } + subscriptionID := session.SubscriptionID + + client := network.NewWebApplicationFirewallPoliciesClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) + client.Authorizer = session.Authorizer + + op, err := client.Get(ctx, rgName, policyname) + if err != nil { + plugin.Logger(ctx).Error("azure_application_gateway.getWebApplicationFirewallConfiguration", "api_error", err) + return nil, err + } + + return structToMap(reflect.ValueOf(*op.WebApplicationFirewallPolicyPropertiesFormat)), nil +} + //// TRANSFORM FUNCTIONS // If we return the API response directly, the output will not provide all the properties of GatewayIPConfigurations From ad65b1ef0e0290fc317f20b1b3affa7d61b8d259 Mon Sep 17 00:00:00 2001 From: ParthaI <47887552+ParthaI@users.noreply.github.com> Date: Wed, 5 Jun 2024 11:20:17 +0530 Subject: [PATCH 2/2] Updated the variable naming --- azure/table_azure_application_gateway.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/azure/table_azure_application_gateway.go b/azure/table_azure_application_gateway.go index 6b2c58de..68da1a25 100644 --- a/azure/table_azure_application_gateway.go +++ b/azure/table_azure_application_gateway.go @@ -420,7 +420,7 @@ func getWebApplicationFirewallConfiguration(ctx context.Context, d *plugin.Query return nil, nil } policyId := firewallPolicy.ID - rgName := strings.Split(*policyId, "/")[4] + resourceGroup := strings.Split(*policyId, "/")[4] policyname := strings.Split(*policyId, "/")[len(strings.Split(*policyId, "/"))-1] // Create session @@ -433,7 +433,7 @@ func getWebApplicationFirewallConfiguration(ctx context.Context, d *plugin.Query client := network.NewWebApplicationFirewallPoliciesClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) client.Authorizer = session.Authorizer - op, err := client.Get(ctx, rgName, policyname) + op, err := client.Get(ctx, resourceGroup, policyname) if err != nil { plugin.Logger(ctx).Error("azure_application_gateway.getWebApplicationFirewallConfiguration", "api_error", err) return nil, err