Add support to query identity settings in App Service > Web App. closes #54 #90

Merged
merged 5 commits into from
May 4, 2021
Expand Up @@ -4,10 +4,15 @@
"enabled": true,
"https_only": false,
"id": "{{ output.resource_id.value }}",
"identity": {
"PrincipalID": "{{ output.principal_id.value }}",
"TenantID": "{{ output.tenant_id.value }}",
"Type": "SystemAssigned"
},
"kind": "app",
"name": "{{resourceName}}",
"region": "East US",
"region": "east us",
"reserved": false,
"resource_group": "{{resourceName}}"
}
]
]
4 changes: 2 additions & 2 deletions azure-test/tests/azure_app_service_web_app/test-get-query.sql
@@ -1,3 +1,3 @@
select name, id, kind, region, client_affinity_enabled, enabled, https_only, reserved, resource_group
select name, id, kind, region, client_affinity_enabled, enabled, https_only, reserved, resource_group, identity
from azure.azure_app_service_web_app
where name = '{{resourceName}}' and resource_group = '{{resourceName}}'
where name = '{{resourceName}}' and resource_group = '{{resourceName}}';
Expand Up @@ -6,7 +6,7 @@
"id": "{{ output.resource_id.value }}",
"kind": "app",
"name": "{{resourceName}}",
"region": "East US",
"region": "east us",
"resource_group": "{{resourceName}}"
}
]
]
@@ -1,3 +1,3 @@
select name, id, kind, region, client_affinity_enabled, enabled, https_only, resource_group
from azure.azure_app_service_web_app
where name = '{{resourceName}}' and resource_group = '{{resourceName}}'
where name = '{{resourceName}}' and resource_group = '{{resourceName}}';
@@ -1,6 +1,11 @@
[
{
"id": "{{ output.resource_id.value }}",
"identity": {
"PrincipalID": "{{ output.principal_id.value }}",
"TenantID": "{{ output.tenant_id.value }}",
"Type": "SystemAssigned"
},
"name": "{{resourceName}}"
}
]
]
@@ -1,3 +1,3 @@
select id, name
select id, name, identity
from azure.azure_app_service_web_app
where name = '{{resourceName}}'
where name = '{{resourceName}}';
@@ -1 +1 @@
null
null
@@ -1,3 +1,3 @@
select name, id
from azure.azure_app_service_web_app
where name = 'dummy-{{resourceName}}' and resource_group = '{{resourceName}}'
where name = 'dummy-{{resourceName}}' and resource_group = '{{resourceName}}';
Expand Up @@ -10,4 +10,4 @@
},
"title": "{{resourceName}}"
}
]
]
@@ -1,3 +1,3 @@
select name, akas, title, tags
from azure.azure_app_service_web_app
where name = '{{resourceName}}' and resource_group = '{{resourceName}}'
where name = '{{resourceName}}' and resource_group = '{{resourceName}}';
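--- a/azure-test/tests/azure_app_service_web_app/variables.tf
+++ b/azure-test/tests/azure_app_service_web_app/variables.tf
@@ -62,6 +62,9 @@ resource "azurerm_app_service" "named_test_resource" {
 location = azurerm_resource_group.named_test_resource.location
 resource_group_name = azurerm_resource_group.named_test_resource.name
 app_service_plan_id = azurerm_app_service_plan.named_test_resource.id
+identity {
+type = "SystemAssigned"
+}
 
 tags = {
 name = var.resource_name
@@ -87,3 +90,11 @@ output "resource_id" {
 output "subscription_id" {
 value = var.azure_subscription
 }
+
+output "tenant_id" {
+value = azurerm_app_service.named_test_resource.identity[0].tenant_id
+}
+
+output "principal_id" {
+value = azurerm_app_service.named_test_resource.identity[0].principal_id
+}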
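--- a/azure/table_azure_app_service_web_app.go
+++ b/azure/table_azure_app_service_web_app.go
@@ -88,6 +88,12 @@ func tableAzureAppServiceWebApp(_ context.Context) *plugin.Table {
 Type: proto.ColumnType_BOOL,
 Transform: transform.FromField("SiteProperties.HTTPSOnly"),
 },
+{
+Name: "identity",
+Description: "Managed service identity for the resource.",
+Type: proto.ColumnType_JSON,
+Transform: transform.From(webAppIdentity),
+},
 {
 Name: "outbound_ip_addresses",
 Description: "List of IP addresses that the app uses for outbound connections (e.g. database access).",
@@ -286,3 +292,25 @@ func getAppServiceWebAppSiteAuthSetting(ctx context.Context, d *plugin.QueryData
 
 return op, nil
 }
+
+//// TRANSFORM FUNCTION
+
+func webAppIdentity(ctx context.Context, d *transform.TransformData) (interface{}, error) {
+data := d.HydrateItem.(web.Site)
+objectMap := make(map[string]interface{})
+if data.Identity != nil {
+if &data.Identity.Type != nil {
+objectMap["Type"] = data.Identity.Type
+}
+if data.Identity.TenantID != nil {
+objectMap["TenantID"] = data.Identity.TenantID
+}
+if data.Identity.PrincipalID != nil {
+objectMap["PrincipalID"] = data.Identity.PrincipalID
+}
+if data.Identity.UserAssignedIdentities != nil {
+objectMap["UserAssignedIdentities"] = data.Identity.UserAssignedIdentities
+}
+}
+return objectMap, nil
+}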
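Review bot: In `webAppIdentity` the guard `if &data.Identity.Type != nil` can never be false, because the address of a struct field is never nil, so `Type` is written to the map whenever `Identity` is set, even if it is empty. Compare the value instead, e.g. `if data.Identity.Type != "" {` (assuming `Type` is the SDK's string-based enum), or assign it unconditionally. The unchecked assertion `d.HydrateItem.(web.Site)` panics if the hydrate item is ever another type; `data, ok := d.HydrateItem.(web.Site)` with an early return on `!ok` avoids that. For audit use, an identity object reported with type `None` would presumably yield a non-empty map, so a check like the documented `identity = '{}'` would not list that app as having managed identity disabled. Either normalise that case to an empty map or say so in the column description.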
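--- a/docs/tables/azure_app_service_web_app.md
+++ b/docs/tables/azure_app_service_web_app.md
@@ -85,3 +85,18 @@ from
 where
 configuration -> 'properties' ->> 'ftpsState' <> 'AllAllowed';
 ```
+
+
+### List web apps that have managed service identity disabled
+
+```sql
+select
+name,
+enabled,
+region,
+identity
+from
+azure_app_service_web_app
+where
+identity = '{}';
+```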