azurerm_network_security_groups resource
Use the azurerm_network_security_groups
InSpec audit resource to enumerate Network Security Groups.
Azure REST API version
This resource interacts with version 2018-02-01
of the Azure Management API. For more information see the official Azure documentation.
At the moment, there doesn’t appear to be a way to select the version of the Azure API docs. If you notice a newer version being referenced in the official documentation please open an issue or submit a pull request using the updated version.
Availability
Installation
This resource is available in the inspec-azure
resource pack. To use it, add the following to your inspec.yml
in your top-level profile:
depends:
- name: inspec-azure
git: https://github.com/inspec/inspec-azure.git
You’ll also need to setup your Azure credentials; see the resource pack README.
Syntax
An azurerm_network_security_groups
resource block identifies Network Security Groups by Resource Group.
describe azurerm_network_security_groups(resource_group: 'ExampleGroup') do
...
end
Examples
Test that an example Resource Group has the named Network Security Group
describe azurerm_network_security_groups(resource_group: 'ExampleGroup') do
its('names') { should include('ExampleNetworkSecurityGroup') }
end
Attributes
names
names
The name of the Network Security Group
its('names') { should include('ExampleNetworkSecurityGroup') }
Matchers
This InSpec audit resource has the following special matchers. For a full list of available matchers, please visit our Universal Matchers page.
exists
The control will pass if the resource returns a result. Use should_not
if you expect zero matches.
# If we expect 'ExampleGroup' Resource Group to have Network Security Groups
describe azurerm_network_security_groups(resource_group: 'ExampleGroup') do
it { should exist }
end
# If we expect 'EmptyExampleGroup' Resource Group to not have Network Security Groups
describe azurerm_network_security_groups(resource_group: 'EmptyExampleGroup') do
it { should_not exist }
end
Azure Permissions
Your Service Principal must be setup with a contributor
role on the subscription you wish to test.
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
https://docs.chef.io/inspec/resources/azurerm_network_security_groups/