Open ghost opened 5 years ago
mattray
commented
5 years ago I'm adding preliminary Azure support in the upcoming 0.5.0 release and testing with the current InSpec 3.7. There's not a lot there because there are only the following InSpec resources: "azure_generic_resource", "azure_resource_group", "azure_virtual_machine", "azure_virtual_machine_data_disk",
I believe InSpec 4.0 is going to upgrade the Azure SDK, which will change any mappings we do but also greatly expand coverage.
josh-barker
commented
5 years ago Hey @mattray,
Have you seen the Azure resource pack? - https://github.com/inspec/inspec-azure There's quite a few more resources in there.
Are you planning on supporting resources from there too?
mattray
commented
5 years ago @josh-barker I'm going to push supporting resource packs to the next release. I'll need to figure a way to reference them in advance, so Iggy can load the resources to make the mappings. 0.5.0 will have support for the azurerm_resource_group and azurerm_virtual_machine as I look to sort out resource packs.
mattray
commented
5 years ago The 0.6.0 branch has working resource pack loading. This is under development the next 2 weeks
aheumaier
commented
4 years ago Any updates here ? On inspec-iggy-0.8.0 it seems generating empty profile on having just on azure resourcegroup resource :
src$ inspec terraform generate --tfstate terraform.tfstate -n demo_azure_profile --platform azure --resourcepath ~/inspec-azure-1.14.2 --debug
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::FileHelper.parse_json file = terraform.tfstate
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::Terraform::Generate.parse_resources resource_type = azurerm_resource_group azure_resource_group TRANSLATED
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::Terraform.Generate.parse_generate resource_type = azure_resource_group SKIPPED
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::Terraform.Generate.parse_generate resource_type = random_uuid SKIPPED
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::Terraform::Generate.parse_generate controls = []
[2020-06-03T11:47:08+02:00] DEBUG: Iggy::Terraform::Generate.parse_generate generated_controls = []inspec 4.19.0
Hi
Im trying to generate a profile from Azure tfstate file. It seems to SKIP azure resources.
$ inspec version3.0.61$ inspec terraform generate -n testprofile2 --debug[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_tfstate file = terraform.tfstate[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_resource_group SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_container SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_template_deployment SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_client_config SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_secret SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_account SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_account SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_account_sas SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_account_sas SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = external SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = external SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = external SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = terraform_remote_state SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = null_resource SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = random_string SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_resource_group SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_client_config SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_key_vault_access_policy SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_resource_group SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_client_config SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_resource_group SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_storage_account SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate tf_res_type = azurerm_template_deployment SKIP[2018-12-03T21:57:11+11:00] DEBUG: Iggy::Terraform.parse_generate generated_controls = []control file turn up empty,
cat testprofile2/controls/controls.rbtitle "InSpec Profile: generated by Iggy v0.4.0"