Add lib for mysql server and mysql database

.gitignore

@@ -1,6 +1,6 @@
 test/fixtures/vcr_cassettes
 .terraform
-terraform/.*-attributes.yml
+**/.*-attributes.yml
 terraform/.terraform/
 terraform/terraform.tfstate*
 terraform/terraform.tfstate.backup

README.md

@@ -99,6 +99,7 @@ end
 
 The following resources are available in the InSpec Azure Resource Pack
 
+
 - [azurerm_ad_user](docs/resources/azurerm_ad_user.md.erb)
 - [azurerm_ad_users](docs/resources/azurerm_ad_users.md.erb)
 - [azurerm_key_vault](docs/resources/azurerm_key_vault.md.erb)
@@ -111,6 +112,10 @@ The following resources are available in the InSpec Azure Resource Pack
 - [azurerm_monitor_activity_log_alerts](docs/resources/azurerm_monitor_activity_log_alerts.md.erb)
 - [azurerm_monitor_log_profile](docs/resources/azurerm_monitor_log_profile.md.erb)
 - [azurerm_monitor_log_profiles](docs/resources/azurerm_monitor_log_profiles.md.erb)
+- [azurerm_mysql_database](docs/resources/azurerm_mysql_database.md.erb)
+- [azurerm_mysql_databases](docs/resources/azurerm_mysql_databases.md.erb)
+- [azurerm_mysql_server](docs/resources/azurerm_mysql_server.md.erb)
+- [azurerm_mysql_servers](docs/resources/azurerm_mysql_servers.md.erb)
 - [azurerm_network_security_group](docs/resources/azurerm_network_security_group.md.erb)
 - [azurerm_network_security_groups](docs/resources/azurerm_network_security_groups.md.erb)
 - [azurerm_network_watcher](docs/resources/azurerm_network_watcher.md.erb)
@@ -132,6 +137,8 @@ The following resources are available in the InSpec Azure Resource Pack
 - [azurerm_virtual_network](docs/resources/azurerm_virtual_network.md.erb)
 - [azurerm_virtual_networks](docs/resources/azurerm_virtual_networks.md.erb)
 
+
+
 ## Connectors
 
 See [Connectors](docs/reference/connectors.md) for more information on the different connection strategies we support.

Rakefile

@@ -13,7 +13,7 @@ require_relative 'lib/environment_file'
 RuboCop::RakeTask.new
 
 FIXTURE_DIR   = "#{Dir.pwd}/test/fixtures"
-TERRAFORM_DIR = 'terraform'
+TERRAFORM_DIR = "terraform"
 REQUIRED_ENVS = %w{AZURE_CLIENT_ID AZURE_CLIENT_SECRET AZURE_TENANT_ID}.freeze
 
 task default: :test
@@ -38,6 +38,14 @@ namespace :azure do
       '-u', ENV['AZURE_CLIENT_ID'],
       '-p', ENV['AZURE_CLIENT_SECRET'],
       '--tenant', ENV['AZURE_TENANT_ID']
+
+
+    )
+
+    sh(
+      'az', 'account', 
+      'set',
+      '--subscription', ENV['AZURE_SUBSCRIPTION_ID']
     )
   end
 end
@@ -131,7 +139,7 @@ namespace :test do
   task :integration, [:controls] => [:check_attributes_file] do |_t, args|
     cmd = %W( bin/inspec exec test/integration/verify
               --attrs terraform/#{ENV['ATTRIBUTES_FILE']}
-              --reporter progress
+              --reporter cli
               -t azure://#{ENV['AZURE_SUBSCRIPTION_ID']} )
 
     if args[:controls]

docs/resources/azurerm_mysql_database.md.erb

@@ -0,0 +1,124 @@
+---
+title: About the myazurerm_sql_database Resource
+platform: azure
+---
+
+# azurerm\_mysql\_database
+
+Use the `azurerm_mysql_database` InSpec audit resource to test properties and configuration of
+an Azure MySQL Database on a MySQL Server.
+<br />
+
+## Azure REST API version
+
+This resource interacts with version `2017-12-01` of the Azure Management API. For more
+information see the [Official Azure Documentation](https://docs.microsoft.com/en-us/rest/api/mysql/databases/get).
+
+At the moment, there doesn't appear to be a way to select the version of the
+Azure API docs. If you notice a newer version being referenced in the official
+documentation please open an issue or submit a pull request using the updated
+version.
+
+## Availability
+
+### Installation
+
+This resource is available in the `inspec-azure` [resource
+pack](https://www.inspec.io/docs/reference/glossary/#resource-pack). To use it, add the
+following to your `inspec.yml` in your top-level profile:
+
+    depends:
+      inspec-azure:
+        git: https://github.com/inspec/inspec-azure.git
+
+You'll also need to setup your Azure credentials; see the resource pack
+[README](https://github.com/inspec/inspec-azure#inspec-for-azure).
+
+### Version
+
+This resource first became available in 1.2.0 of the inspec-azure resource pack.
+
+## Syntax
+
+The `resource_group`, `server_name` and `database_name` must be given as a parameter.
+
+    describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'order-db') do
+      it { should exist }
+    end
+
+<br />
+
+## Examples
+
+If a MySQL Database is referenced with a valid `Resource Group`, `Server Name` and `Database name`
+
+    describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'order-db') do
+      it            { should exist }
+      its('name')   { should be 'order-db'}
+    end
+
+If a MySQL Database is referenced with an invalid `Resource Group`, `Server Name` or `Database Name`
+
+    describe azurerm_mysql_database(resource_group: 'inspec-rg', server_name: 'customer_server', database_name: 'invalid-db-name') do
+      it { should_not exist }
+    end
+<br />
+
+## Parameters
+
+  - `resource_group` - The resource Group to which the MySQL Server belongs.
+  - `server_name` - The unique name of the MySQL Server.
+  - `database_name` - The unique name of the MySQL Database.
+
+## Attributes
+
+- `id`
+- `name`
+- `type`
+- `properties`
+
+### id
+Azure resource ID.
+
+### name
+SQL Server name, e.g. `customer-database`.
+
+
+### type
+The type of Resource, typically `Microsoft.DBforMySQL/servers/databases`.
+
+
+### properties
+A collection of additional configuration properties related to the MySQL Database, e.g. `collation`.
+
+### Other Attributes
+
+There are additional attributes that may be accessed that we have not
+documented. Please take a look at the [Azure documentation](#-Azure-REST-API-version).
+Any attribute in the response may be accessed with the key names separated by
+dots (`.`).
+
+The API may not always return keys that do not have any associated data. There
+may be cases where the deeply nested property may not have the desired
+attribute along your call chain. If you find yourself writing tests against
+properties that may be nil, fork this resource pack and add an accessor to the
+resource. Within that accessor you'll be able to guard against nil keys. Pull
+requests are always welcome.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of
+available matchers, please visit our [Universal Matchers
+page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+    describe azurerm_mysql_database(resource_group: 'my-rg', server_name: 'server-name-1', database_name: 'customer-db') do
+      it { should exist }
+    end
+
+## Azure Permissions
+
+Your [Service
+Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal)
+must be setup with a `contributor` role on the subscription you wish to test.

docs/resources/azurerm_mysql_databases.md.erb

@@ -0,0 +1,125 @@
+---
+title: About the azurerm_mysql_databases Resource
+platform: azure
+---
+
+# azurerm\_mysql\_databases
+
+Use the `azurerm_mysql_databases` InSpec audit resource to test properties and configuration of Azure MySQL Databases.
+<br />
+
+## Azure REST API version
+
+This resource interacts with version `2017-12-01` of the Azure Management API. For more
+information see the [Official Azure Documentation](https://docs.microsoft.com/en-us/rest/api/mysql/databases/listbyserver).
+
+At the moment, there doesn't appear to be a way to select the version of the
+Azure API docs. If you notice a newer version being referenced in the official
+documentation please open an issue or submit a pull request using the updated
+version.
+
+## Availability
+
+### Installation
+
+This resource is available in the `inspec-azure` [resource
+pack](https://www.inspec.io/docs/reference/glossary/#resource-pack). To use it, add the
+following to your `inspec.yml` in your top-level profile:
+
+    depends:
+      inspec-azure:
+        git: https://github.com/inspec/inspec-azure.git
+
+You'll also need to setup your Azure credentials; see the resource pack
+[README](https://github.com/inspec/inspec-azure#inspec-for-azure).
+
+### Version
+
+This resource first became available in 1.2.0 of the inspec-azure resource pack.
+
+## Syntax
+
+An `azurerm_mysql_databases` resource block returns all MySQL Databases on a MySQL Server, within a Rsource Group.
+
+    describe azurerm_mysql_databases(resource_group: ..., server_name: ...) do
+      ...
+    end
+
+<br />
+
+## Examples
+
+The following examples show how to use this InSpec audit resource.
+
+### Check MySQL Databases are present
+
+    describe azurerm_mysql_databases(resource_group: 'resource-group-1', server_name: 'production') do
+      it            { should exist }
+      its('names')  { should include 'my-database-name' }
+    end
+<br />
+
+## Filter Criteria
+
+* `azure_mysql_databases` resources are filterable on all available properties. Below are some examples.
+
+### names
+
+Filters the results to include only those databases that match the given
+name. This is a string value.
+
+    describe azurerm_mysql_databases(resource_group: 'rg', server_name: 'server').where{ name.eql?('production-database') } do
+      it { should exist }
+    end
+
+* `location`
+
+### location
+
+Filters the results to include only those resource groups that reside ina given location. This is a string value.
+
+    describe azurerm_mysql_databases(resource_group: 'rg', server_name: 'server').where{ location.eql?('eastus') } do
+      it { should exist }
+    end
+
+## Attributes
+
+- `id`
+- `name`
+- `type`
+- `properties`
+
+### ids
+Azure resource ID.
+
+### names
+SQL Database name, e.g. `my-sql-database`.
+
+    its('names') { should include 'my-sql-database' }
+
+### type
+The type of Resource, typically `Microsoft.Sql/servers/databases`.
+
+
+### properties
+A collection of additional configuration properties related to the MySQL Database, e.g. `collation`.
+
+## Matchers
+
+This InSpec audit resource has the following special matchers. For a full list of available matchers,
+please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
+
+### exists
+
+The control will pass if the filter returns at least one result. Use
+`should_not` if you expect zero matches.
+
+    describe azurerm_mysql_databases do
+      it { should exist }
+    end
+
+## Azure Permissions
+
+Your [Service
+Principal](https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-create-service-principal-portal)
+must be setup with a `contributor` role on the subscription you wish to test.