add rule for azapi resource
lonegunmanb committed Feb 14, 2025
1 parent 4ce92dc commit af6db79
Showing 2 changed files with 251 additions and 0 deletions.
Expand Up @@ -25,6 +25,240 @@
}
}
]
},
"invalid_basic": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "Basic"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"invalid_vpngw1": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "VpnGw1"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"ergw1az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "ErGw1AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"ergw2az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "ErGw2AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"ergw3az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "ErGw3AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"vpngw2az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "VpnGw2AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"vpngw3az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "VpnGw3AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"vpngw4az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "VpnGw4AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
},
"vpngw5az": {
"resource_changes": [
{
"address": "azapi_resource.res",
"mode": "managed",
"type": "azapi_resource",
"name": "res",
"provider_name": "registry.terraform.io/azure/azapi",
"change": {
"actions": [
"create"
],
"after": {
"body": {
"properties": {
"sku": {
"name": "VpnGw5AZ"
}
}
},
"type": "Microsoft.Network/virtualNetworkGateways@2024-05-01"
}
}
}
]
}
}
}
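Review bot: Both negative fixtures added here (`invalid_basic`, `invalid_vpngw1`) carry a populated `sku.name`, so nothing in this hunk pins what the policy does when `sku` or `properties` is absent from `body`. The rule added in the same commit denies when `valid_azapi_sku_name` is undefined, so a fixture such as `invalid_missing_sku` with `"body": {"properties": {}}` would lock that fail-closed path in place against later refactors. The hunk also adds no case for `VpnGw1AZ`, although the rule allows it; that case may already exist above line 25 of the file, which is outside the hunk.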
@@ -0,0 +1,17 @@
package Azure_Proactive_Resiliency_Library_v2.virtual_network_gateway_use_zone_redundant_sku

import rego.v1

valid_azapi_sku_name(resource) if {
zone_redundant_skus := {"ErGw1AZ", "ErGw2AZ", "ErGw3AZ", "VpnGw1AZ", "VpnGw2AZ", "VpnGw3AZ", "VpnGw4AZ", "VpnGw5AZ"}
zone_redundant_skus[resource.values.body.properties.sku.name]
}


deny_virtual_network_gateway_use_zone_redundant_sku contains reason if {
resource := data.utils.resource(input, "azapi_resource")[_]
data.utils.is_azure_type(resource.values, "Microsoft.Network/virtualNetworkGateways")
not valid_azapi_sku_name(resource)

reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `sku.name` to one of {\"ErGw1AZ\", \"ErGw2AZ\", \"ErGw3AZ\", \"VpnGw1AZ\", \"VpnGw2AZ\", \"VpnGw3AZ\", \"VpnGw4AZ\", \"VpnGw5AZ\"}: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/virtualNetworkGateways/#use-zone-redundant-expressroute-gateway-skus", [resource.address])
}
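Review bot: The allowed SKU list is written out twice in this file, once as the set in `valid_azapi_sku_name` and again as escaped text inside the `sprintf` message of the deny rule, so a later edit to one can leave the policy enforcing a different list from the one it reports to the user. Moving the set literal to package scope as `zone_redundant_skus := {...}` and building the message with `concat(", ", zone_redundant_skus)` keeps the two in step. The deny rule would also benefit from a comment stating that a missing `body.properties.sku.name` leaves `valid_azapi_sku_name` undefined and is therefore denied. Presumably the same happens when `body` reaches the policy as a JSON-encoded string rather than an object, which is worth confirming against `data.utils.resource`, defined outside this commit.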
