search

prancer-io / cloud-validation-framework

prancer platform is an IaC Security engine + Continuous Compliance for your cloud (Azure, AWS, GCP) and Kubernetes environment
https://www.prancer.io
Mozilla Public License 2.0
121 stars 29 forks source link

Azure Cloud: Microsoft.EventGrid/domains 'privateEndpointConnections' is generating as resource property while its a related resource type and should be generated as seperate resource type on same snapshot. #647

Open rezoan opened 1 year ago

rezoan commented 1 year ago

Generated Snapshot via prancer CVF:

{
  "structure": "azure",
  "reference": "Prancer Sandbox",
  "contentType": "json",
  "source": "azureConnector",
  "path": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.EventGrid/domains/r4reduevgrd",
  "timestamp": 1672207177718,
  "queryuser": "whitekite-spn-shahin",
  "checksum": "c1e6357ee74007c76a350a7dafdac515",
  "node": {
    "masterSnapshotId": [
      "AZRSNP_509"
    ],
    "type": "Microsoft.EventGrid/domains",
    "collection": "Microsoft.EventGrid",
    "version": "2022-06-15",
    "snapshotId": "AZRSNP_50987",
    "path": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.EventGrid/domains/r4reduevgrd",
    "validate": true,
    "status": "active"
  },
  "snapshotId": "AZRSNP_50987",
  "mastersnapshot": false,
  "masterSnapshotId": null,
  "collection": "microsofteventgrid",
  "region": "eastus",
  "session_id": "session_1672234362172",
  "json": {
    "resources": [
      {
        "properties": {
          "privateEndpointConnections": [
            {
              "properties": {
                "privateEndpoint": {
                  "id": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.Network/privateEndpoints/r4reduevgpe"
                },
                "groupIds": [
                  "domain"
                ],
                "privateLinkServiceConnectionState": {
                  "status": "Approved",
                  "description": "Auto-approved",
                  "actionsRequired": "None"
                },
                "provisioningState": "Succeeded"
              },
              "id": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.EventGrid/domains/r4reduevgrd/privateEndpointConnections/r4reduevgpe.24affcc0-db05-4df6-963b-92637e5109a3",
              "name": "r4reduevgpe.24affcc0-db05-4df6-963b-92637e5109a3",
              "type": "Microsoft.EventGrid/domains/privateEndpointConnections"
            }
          ],
          "provisioningState": "Succeeded",
          "endpoint": "https://r4reduevgrd.eastus-1.eventgrid.azure.net/api/events",
          "inputSchema": "EventGridSchema",
          "metricResourceId": "d53f56a5-f06a-452a-9270-34ebec95f469",
          "publicNetworkAccess": "Disabled",
          "inboundIpRules": [],
          "disableLocalAuth": true,
          "dataResidencyBoundary": "WithinGeopair"
        },
        "identity": {
          "type": "SystemAssigned",
          "principalId": "76d39641-bc97-4c79-8d6b-c0694799037b",
          "tenantId": "2367bdec-cf51-44b1-a8db-3677de1acc38",
          "userAssignedIdentities": null
        },
        "systemData": null,
        "location": "eastus",
        "tags": {},
        "id": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.EventGrid/domains/r4reduevgrd",
        "name": "r4reduevgrd",
        "type": "Microsoft.EventGrid/domains"
      }
    ],
    "subscription_id": "a6941677-4c37-42fb-960c-dad8f25060a3",
    "resource_group": "dev-rezoan"
  }
}

Live cloud resource template:

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "domains_r4reduevgrd_name": {
            "defaultValue": "r4reduevgrd",
            "type": "String"
        },
        "privateEndpoints_r4reduevgpe_externalid": {
            "defaultValue": "/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.Network/privateEndpoints/r4reduevgpe",
            "type": "String"
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.EventGrid/domains",
            "apiVersion": "2022-06-15",
            "name": "[parameters('domains_r4reduevgrd_name')]",
            "location": "eastus",
            "identity": {
                "type": "SystemAssigned"
            },
            "properties": {
                "inputSchema": "EventGridSchema",
                "publicNetworkAccess": "Disabled",
                "inboundIpRules": [],
                "disableLocalAuth": true,
                "dataResidencyBoundary": "WithinGeopair"
            }
        },
        {
            "type": "Microsoft.EventGrid/domains/privateEndpointConnections",
            "apiVersion": "2022-06-15",
            "name": "[concat(parameters('domains_r4reduevgrd_name'), '/r4reduevgpe.24affcc0-db05-4df6-963b-92637e5109a3')]",
            "dependsOn": [
                "[resourceId('Microsoft.EventGrid/domains', parameters('domains_r4reduevgrd_name'))]"
            ],
            "properties": {
                "privateEndpoint": {
                    "id": "[parameters('privateEndpoints_r4reduevgpe_externalid')]"
                },
                "groupIds": [
                    "domain"
                ],
                "privateLinkServiceConnectionState": {
                    "status": "Approved",
                    "description": "Auto-approved",
                    "actionsRequired": "None"
                },
                "provisioningState": "Succeeded"
            }
        }
    ]
}

Live Resource url: https://portal.azure.com/#@prancerenterprise.com/resource/subscriptions/a6941677-4c37-42fb-960c-dad8f25060a3/resourceGroups/dev-rezoan/providers/Microsoft.EventGrid/domains/r4reduevgrd/exporttemplate

Compliance: PR-AZR-CLD-EGR-003