diff --git a/azure-test/tests/azure_automation_account/dependencies.txt b/azure-test/tests/azure_automation_account/dependencies.txt new file mode 100644 index 00000000..e69de29b diff --git a/azure-test/tests/azure_automation_account/test-get-expected.json b/azure-test/tests/azure_automation_account/test-get-expected.json new file mode 100644 index 00000000..b26a6e95 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-get-expected.json @@ -0,0 +1,10 @@ +[ + { + "id": "{{ output.resource_id.value }}", + "name": "{{ resourceName }}", + "region": "{{ output.location.value }}", + "resource_group": "{{ resourceName }}", + "subscription_id": "{{ output.subscription_id.value }}", + "type": "Microsoft.Automation/AutomationAccounts" + } +] diff --git a/azure-test/tests/azure_automation_account/test-get-query.sql b/azure-test/tests/azure_automation_account/test-get-query.sql new file mode 100644 index 00000000..5a973b16 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-get-query.sql @@ -0,0 +1,3 @@ +select name, id, type, region, resource_group, subscription_id +from azure.azure_automation_account +where name = '{{ resourceName }}' and resource_group = '{{ resourceName }}'; \ No newline at end of file diff --git a/azure-test/tests/azure_automation_account/test-list-expected.json b/azure-test/tests/azure_automation_account/test-list-expected.json new file mode 100644 index 00000000..6fe8701d --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-list-expected.json @@ -0,0 +1,7 @@ +[ + { + "id": "{{ output.resource_id.value }}", + "name": "{{ resourceName }}", + "type": "Microsoft.Automation/AutomationAccounts" + } +] diff --git a/azure-test/tests/azure_automation_account/test-list-query.sql b/azure-test/tests/azure_automation_account/test-list-query.sql new file mode 100644 index 00000000..45a0ffd0 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-list-query.sql @@ -0,0 +1,3 @@ +select name, id, type +from azure.azure_automation_account +where name = '{{ resourceName }}'; \ No newline at end of file diff --git a/azure-test/tests/azure_automation_account/test-not-found-expected.json b/azure-test/tests/azure_automation_account/test-not-found-expected.json new file mode 100644 index 00000000..19765bd5 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-not-found-expected.json @@ -0,0 +1 @@ +null diff --git a/azure-test/tests/azure_automation_account/test-not-found-query.sql b/azure-test/tests/azure_automation_account/test-not-found-query.sql new file mode 100644 index 00000000..2e2fa794 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-not-found-query.sql @@ -0,0 +1,3 @@ +select name, tags, title, akas +from azure.azure_automation_account +where name = 'dummy-{{ resourceName }}' and resource_group = '{{ resourceName }}'; \ No newline at end of file diff --git a/azure-test/tests/azure_automation_account/test-turbot-expected.json b/azure-test/tests/azure_automation_account/test-turbot-expected.json new file mode 100644 index 00000000..02cd3c76 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-turbot-expected.json @@ -0,0 +1,10 @@ +[ + { + "akas": [ + "{{ output.resource_aka.value }}", + "{{ output.resource_aka_lower.value }}" + ], + "name": "{{ resourceName }}", + "title": "{{ resourceName }}" + } +] diff --git a/azure-test/tests/azure_automation_account/test-turbot-query.sql b/azure-test/tests/azure_automation_account/test-turbot-query.sql new file mode 100644 index 00000000..4e79e1d5 --- /dev/null +++ b/azure-test/tests/azure_automation_account/test-turbot-query.sql @@ -0,0 +1,3 @@ +select name, title, akas +from azure.azure_automation_account +where name = '{{ resourceName }}' and resource_group = '{{ resourceName }}'; \ No newline at end of file diff --git a/azure-test/tests/azure_automation_account/variables.json b/azure-test/tests/azure_automation_account/variables.json new file mode 100644 index 00000000..0967ef42 --- /dev/null +++ b/azure-test/tests/azure_automation_account/variables.json @@ -0,0 +1 @@ +{} diff --git a/azure-test/tests/azure_automation_account/variables.tf b/azure-test/tests/azure_automation_account/variables.tf new file mode 100644 index 00000000..c201d060 --- /dev/null +++ b/azure-test/tests/azure_automation_account/variables.tf @@ -0,0 +1,72 @@ +variable "resource_name" { + type = string + default = "steampipe-test" + description = "Name of the resource used throughout the test." +} + +variable "azure_environment" { + type = string + default = "public" + description = "Azure environment used for the test." +} + +variable "azure_subscription" { + type = string + default = "3510ae4d-530b-497d-8f30-53b9616fc6c1" + description = "Azure subscription used for the test." +} + +provider "azurerm" { + # Cannot be passed as a variable + environment = var.azure_environment + subscription_id = var.azure_subscription + features {} +} + +data "azurerm_client_config" "current" {} + +data "null_data_source" "resource" { + inputs = { + scope = "azure:///subscriptions/${data.azurerm_client_config.current.subscription_id}" + } +} + +resource "azurerm_resource_group" "named_test_resource" { + name = var.resource_name + location = "East US" +} + +resource "azurerm_automation_account" "named_test_resource" { + name = var.resource_name + location = azurerm_resource_group.named_test_resource.location + resource_group_name = azurerm_resource_group.named_test_resource.name + sku_name = "Basic" + + tags = { + name = var.resource_name + } +} + +output "resource_aka" { + value = "azure://${azurerm_automation_account.named_test_resource.id}" +} + +output "resource_aka_lower" { + value = "azure://${lower(azurerm_automation_account.named_test_resource.id)}" +} + +output "resource_name" { + value = var.resource_name +} + +output "resource_id" { + value = azurerm_automation_account.named_test_resource.id +} + +output "location" { + value = azurerm_resource_group.named_test_resource.location +} + +output "subscription_id" { + value = var.azure_subscription +} diff --git a/azure/plugin.go b/azure/plugin.go index e07353f2..09090328 100644 --- a/azure/plugin.go +++ b/azure/plugin.go @@ -39,6 +39,7 @@ func Plugin(ctx context.Context) *plugin.Plugin { "azure_app_service_web_app": tableAzureAppServiceWebApp(ctx), "azure_application_gateway": tableAzureApplicationGateway(ctx), "azure_application_security_group": tableAzureApplicationSecurityGroup(ctx), + "azure_automation_account": tableAzureApAutomationAccount(ctx), "azure_automation_variable": tableAzureApAutomationVariable(ctx), "azure_batch_account": tableAzureBatchAccount(ctx), "azure_cognitive_account": tableAzureCognitiveAccount(ctx), diff --git a/azure/table_azure_automation_account.go b/azure/table_azure_automation_account.go new file mode 100644 index 00000000..114cb8d4 --- /dev/null +++ b/azure/table_azure_automation_account.go @@ -0,0 +1,208 @@ +package azure + +import ( + "context" + + "github.com/Azure/azure-sdk-for-go/services/automation/mgmt/2019-06-01/automation" + "github.com/turbot/steampipe-plugin-sdk/v4/grpc/proto" + "github.com/turbot/steampipe-plugin-sdk/v4/plugin/transform" + + "github.com/turbot/steampipe-plugin-sdk/v4/plugin" +) + +//// TABLE DEFINITION //// + +func tableAzureApAutomationAccount(_ context.Context) *plugin.Table { + return &plugin.Table{ + Name: "azure_automation_account", + Description: "Azure Automation Account", + Get: &plugin.GetConfig{ + KeyColumns: plugin.AllColumns([]string{"name", "resource_group"}), + Hydrate: getAutomationAccount, + IgnoreConfig: &plugin.IgnoreConfig{ + ShouldIgnoreErrorFunc: isNotFoundError([]string{"ResourceNotFound", "ResourceGroupNotFound", "404"}), + }, + }, + List: &plugin.ListConfig{ + Hydrate: listAutomationAccounts, + }, + Columns: azureColumns([]*plugin.Column{ + { + Name: "name", + Type: proto.ColumnType_STRING, + Description: "The name of the resource.", + }, + { + Name: "id", + Description: "Fully qualified resource ID.", + Type: proto.ColumnType_STRING, + Transform: transform.FromGo(), + }, + { + Name: "description", + Description: "The description for the account.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("AccountProperties.Description"), + }, + { + Name: "etag", + Description: "Gets the etag of the resource.", + Type: proto.ColumnType_STRING, + }, + { + Name: "creation_time", + Description: "The creation time of the account.", + Type: proto.ColumnType_TIMESTAMP, + Transform: transform.FromField("AccountProperties.CreationTime.Time"), + }, + { + Name: "last_modified_time", + Description: "The last modified time of the account.", + Type: proto.ColumnType_TIMESTAMP, + Transform: transform.FromField("AccountProperties.LastModifiedTime.Time"), + }, + { + Name: "last_modified_by", + Description: "The account last modified by.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("AccountProperties.LastModifiedBy"), + }, + { + Name: "type", + Description: "The type of the resource.", + Type: proto.ColumnType_STRING, + }, + { + Name: "state", + Description: "The status of account. Possible values include: 'AccountStateOk', 'AccountStateUnavailable', 'AccountStateSuspended'.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("AccountProperties.State"), + }, + { + Name: "sku_name", + Description: "The SKU name of the account. Possible values include: 'SkuNameEnumFree', 'SkuNameEnumBasic'.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("Sku.Name"), + }, + { + Name: "sku_family", + Description: "The SKU family of the account.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("Sku.Family"), + }, + { + Name: "sku_capacity", + Description: "The SKU capacity of the account.", + Type: proto.ColumnType_STRING, + Transform: transform.FromField("Sku.Capacity"), + }, + + // Steampipe standard columns + { + Name: "title", + Description: ColumnDescriptionTitle, + Type: proto.ColumnType_STRING, + Transform: transform.FromField("Name"), + }, + { + Name: "tags", + Description: ColumnDescriptionTags, + Type: proto.ColumnType_JSON, + }, + { + Name: "akas", + Description: ColumnDescriptionAkas, + Type: proto.ColumnType_JSON, + Transform: transform.FromField("ID").Transform(idToAkas), + }, + + // Azure standard columns + { + Name: "region", + Description: ColumnDescriptionRegion, + Type: proto.ColumnType_STRING, + Transform: transform.FromField("Location").Transform(toLower), + }, + { + Name: "resource_group", + Description: ColumnDescriptionResourceGroup, + Type: proto.ColumnType_STRING, + Transform: transform.FromField("ID").Transform(extractResourceGroupFromID), + }, + }), + } +} + +//// LIST FUNCTION //// + +func listAutomationAccounts(ctx context.Context, d *plugin.QueryData, _ *plugin.HydrateData) (interface{}, error) { + session, err := GetNewSession(ctx, d, "MANAGEMENT") + if err != nil { + return nil, err + } + subscriptionID := session.SubscriptionID + + accountClient := automation.NewAccountClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) + accountClient.Authorizer = session.Authorizer + + result, err := accountClient.List(ctx) + if err != nil { + return nil, err + } + + for _, account := range result.Values() { + d.StreamListItem(ctx, account) + // Check if context has been cancelled or if the limit has been hit (if specified) + // if there is a limit, it will return the number of rows required to reach this limit + if d.QueryStatus.RowsRemaining(ctx) == 0 { + return nil, nil + } + } + + for result.NotDone() { + err = result.NextWithContext(ctx) + if err != nil { + return nil, err + } + + for _, account := range result.Values() { + d.StreamListItem(ctx, account) + // Check if context has been cancelled or if the limit has been hit (if specified) + // if there is a limit, it will return the number of rows required to reach this limit + if d.QueryStatus.RowsRemaining(ctx) == 0 { + return nil, nil + } + } + } + return nil, err +} + +//// HYDRATE FUNCTIONS //// + +func getAutomationAccount(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) { + + name := d.KeyColumnQuals["name"].GetStringValue() + resourceGroup := d.KeyColumnQuals["resource_group"].GetStringValue() + + session, err := GetNewSession(ctx, d, "MANAGEMENT") + if err != nil { + return nil, err + } + subscriptionID := session.SubscriptionID + + accountClient := automation.NewAccountClientWithBaseURI(session.ResourceManagerEndpoint, subscriptionID) + accountClient.Authorizer = session.Authorizer + + op, err := accountClient.Get(ctx, resourceGroup, name) + if err != nil { + return nil, err + } + + // In some cases resource does not give any notFound error + // Instead it returns empty data + if op.ID != nil { + return op, nil + } + + return nil, nil +} diff --git a/docs/tables/azure_automation_account.md b/docs/tables/azure_automation_account.md new file mode 100644 index 00000000..13c4e66b --- /dev/null +++ b/docs/tables/azure_automation_account.md @@ -0,0 +1,48 @@ +# Table: azure_automation_account + + Automation accounts allow you to isolate your Automation resources, runbooks, assets, and configurations from the resources of other accounts. You can use Automation accounts to separate resources into separate logical environments or delegated responsibilities. + +## Examples + +### Basic info + +```sql +select + name, + id, + resource_group, + type +from + azure_automation_account; +``` + +### List accounts that are created in last 30 days + +```sql +select + name, + id, + resource_group, + type, + creation_time +from + azure_automation_account +where + creation_time >= now() - interval '30' day; +``` + +### List accounts that are suspended + +```sql +select + name, + id, + resource_group, + type, + creation_time, + state +from + azure_automation_account +where + state = 'AccountStateSuspended'; +```