forked from mikaelkrief/inspec-azure
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathazurerm_subnets.md.erb
119 lines (77 loc) · 3.16 KB
/
azurerm_subnets.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
title: About the azurerm_subnets Resource
platform: azure
---
# azurerm\_subnets
Use the `azurerm\_subnets` InSpec audit resource to test properties related to
subnets for a resource group.
<br />
## Azure REST API version
This resource interacts with version `2018-02-01` of the Azure
Management API. For more information see the [official Azure documentation](https://docs.microsoft.com/en-us/rest/api/virtualnetwork/subnets/list).
At the moment, there doesn't appear to be a way to select the version of the
Azure API docs. If you notice a newer version being referenced in the official
documentation please open an issue or submit a pull request using the updated
version.
## Availability
### Installation
This resource is available in the `inspec-azure` [resource
pack](https://www.inspec.io/docs/reference/glossary/#resource-pack). To use it, add the
following to your `inspec.yml` in your top-level profile:
depends:
inspec-azure:
git: https://github.com/inspec/inspec-azure.git
You'll also need to setup your Azure credentials; see the resource pack
[README](https://github.com/inspec/inspec-azure#inspec-for-azure).
### Version
This resource first became available in 1.2.0 of the inspec-azure resource pack.
## Syntax
The `resource_group` and 'vnet' must be given as a parameter.
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
...
end
## Examples
# Exists if any subnetss exist for a given virtual network in the resource group
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
it { should exist }
end
<br />
## Parameters
- `resource_group`, 'vnet'
### Parameter Examples
### resource\_group (required)
Defines the resource group of the subnet that you wish to test resides in.
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
...
end
### vnet (required)
Defines the virtual network that the subnet that you wish to test is a part of.
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
...
end
<br />
### name
Filters the results to only those that match the given name.
# Insist that MySubnet exists
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
.where(name: 'MySubnet') do
it { should exist }
end
## Attributes
- `names`
### names
Gives a list of all the subnet names in the virtual network.
its('names') { should include('SubnetName1', 'SubnetName2') }
## Matchers
This InSpec audit resource has the following special matchers. For a full list of
available matchers, please visit our [Universal Matchers
page](https://www.inspec.io/docs/reference/matchers/).
### exists
# Should not exist if no subnets are in the virtual network
describe azurerm_subnets(resource_group: 'MyResourceGroup', vnet: 'MyVnetName') do
it { should_not exist }
end
## Azure Permissions
Your [Service
Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal)
must be setup with a `contributor` role on the subscription you wish to test.