search

inspec / inspec-azure

InSpec Azure Resource Pack
https://www.inspec.io/
Other
97 stars 80 forks source link

Alert triggered for deleted resource (Resource group 'test' could not be found.) #709

Open Rohit1509 opened 1 year ago

Rohit1509 commented 1 year ago

We are currently running into an error when resources have been deleted during the progress of the scan of a subscription. The errors typically look something like this: "Resource group 'test' could not be found.". If a deletion is in progress and Inspec catches the resource exactly at that same time, it gives an alert which ideally should not be the case.

Possible Solution

Implement error handling that skips the resource if the resource no longer exists

sathish-progress commented 1 year ago

Inspec always skips the resources when the resource is not available but tries to report it.. BTW, Could you give an example of your controls?

Rohit1509 commented 1 year ago

Inspec always skips the resources when the resource is not available but tries to report it.. BTW, Could you give an example of your controls?

Hi @sathish-progress , so it does catch a resource which is either not completely created or deleted and gives out this error mentioned in the title. This is example of control we have:

image

Rohit1509 commented 1 year ago

@sathish-progress , any updates on this issue ? Thanks!

sathish-progress commented 1 year ago

@Rohit1509 so the resource_data attribute that you have passed in this example lets you use the cached information from plural resource so if in case you have the data consistency issues, I would recommend to first check the resource with exists matcher and than use the other matchers

soumyo13 commented 1 year ago

Steps I followed:

  1. Created a resource group “test123”

  2. Created a storage_account say “sa123” in the resource group

  3. While running the control, I did the below cases:

    1. I deleted the resource_group along with the storage account - I didn’t get any errors. The control ran successfully.

    2. I deleted only the storage group keeping the resource group - I didn’t get any errors. The control ran successfully.

  4. Other cases also I tried. I hit on the delete button on the resource_group along with the storage account. And then immediately ran the control. It worked fine.

I tried these scenarios and I couldn’t able to replicate this issue. And in the comments, @sathish-progress also has given a solution.

If you are still getting this error, let us know the exact scenario so that we can work on it.