Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed intrusion_detection_mode returning always null in azure_firewall_policy table and extracted the FirewallPolicyPropertiesFormat to use other columns Closes #608 #609

Merged
merged 3 commits into from
May 4, 2023
Merged

Fixed intrusion_detection_mode returning always null in azure_firewall_policy table and extracted the FirewallPolicyPropertiesFormat to use other columns Closes #608 #609

merged 3 commits into from
May 4, 2023

Conversation

ParthaI
Copy link
Contributor

@ParthaI ParthaI commented May 4, 2023

Note: If the firewall policy tier is Premium Policy, the data in the intrusion_detection_mode column will be there otherwise it will be remains null.

Integration test logs

Logs 
No env file present for the current environment:  staging 
 Falling back to .env config
No env file present for the current environment:  staging
customEnv TURBOT_TEST_EXPECTED_TIMEOUT undefined

SETUP: tests/azure_firewall_policy []

PRETEST: tests/azure_firewall_policy

TEST: tests/azure_firewall_policy
Running terraform
data.azurerm_client_config.current: Reading...
data.azurerm_client_config.current: Read complete after 0s [id=Y2xpZW50Q29uZmlncy9jbGllbnRJZD0wNGIwNzc5NS04ZGRiLTQ2MWEtYmJlZS0wMmY5ZTFiZjdiNDY7b2JqZWN0SWQ9MDZmZDQ2YjAtYTg2Ny00OWExLWE0ZjEtZjc3Njg0NjVjYWJhO3N1YnNjcmlwdGlvbklkPWQ0NmQ3NDE2LWY5NWYtNDc3MS1iYmI1LTUyOWQ0Yzc2NjU5Yzt0ZW5hbnRJZD1jZGZmZDcwOC03ZGEwLTRjZWEtYWJlYi0wYTRjMzM0ZDdmNjQ=]
data.null_data_source.resource: Reading...
data.null_data_source.resource: Read complete after 0s [id=static]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # azurerm_firewall_policy.named_test_resource will be created
  + resource "azurerm_firewall_policy" "named_test_resource" {
      + child_policies           = (known after apply)
      + firewalls                = (known after apply)
      + id                       = (known after apply)
      + location                 = "westus"
      + name                     = "turbottest73824"
      + resource_group_name      = "turbottest73824"
      + rule_collection_groups   = (known after apply)
      + sku                      = (known after apply)
      + tags                     = {
          + "name" = "turbottest73824"
        }
      + threat_intelligence_mode = "Alert"
    }

  # azurerm_resource_group.named_test_resource will be created
  + resource "azurerm_resource_group" "named_test_resource" {
      + id       = (known after apply)
      + location = "westus"
      + name     = "turbottest73824"
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + resource_aka       = (known after apply)
  + resource_aka_lower = (known after apply)
  + resource_id        = (known after apply)
  + resource_name      = "turbottest73824"
  + subscription_id    = "da34234r-f95f-4771-bbb5-34fewr45323fg"
azurerm_resource_group.named_test_resource: Creating...
azurerm_resource_group.named_test_resource: Creation complete after 5s [id=/subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824]
azurerm_firewall_policy.named_test_resource: Creating...
azurerm_firewall_policy.named_test_resource: Still creating... [10s elapsed]
azurerm_firewall_policy.named_test_resource: Creation complete after 18s [id=/subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824]

Warning: Deprecated

  with data.null_data_source.resource,
  on variables.tf line 30, in data "null_data_source" "resource":
  30: data "null_data_source" "resource" {

The null_data_source was historically used to construct intermediate values
to re-use elsewhere in configuration, the same can now be achieved using
locals

(and one more similar warning elsewhere)

Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Outputs:

resource_aka = "azure:///subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824"
resource_aka_lower = "azure:///subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourcegroups/turbottest73824/providers/microsoft.network/firewallpolicies/turbottest73824"
resource_id = "/subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824"
resource_name = "turbottest73824"
subscription_id = "da34234r-f95f-4771-bbb5-34fewr45323fg"

Running SQL query: test-get-query.sql
[
  {
    "id": "/subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824",
    "name": "turbottest73824",
    "provisioning_state": "Succeeded",
    "resource_group": "turbottest73824",
    "type": "Microsoft.Network/FirewallPolicies"
  }
]
✔ PASSED

Running SQL query: test-list-query.sql
[
  {
    "id": "/subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824",
    "name": "turbottest73824"
  }
]
✔ PASSED

Running SQL query: test-not-found-query.sql
null
✔ PASSED

Running SQL query: test-turbot-query.sql
[
  {
    "akas": [
      "azure:///subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourceGroups/turbottest73824/providers/Microsoft.Network/firewallPolicies/turbottest73824",
      "azure:///subscriptions/da34234r-f95f-4771-bbb5-34fewr45323fg/resourcegroups/turbottest73824/providers/microsoft.network/firewallpolicies/turbottest73824"
    ],
    "name": "turbottest73824",
    "tags": {
      "name": "turbottest73824"
    },
    "title": "turbottest73824"
  }
]
✔ PASSED

POSTTEST: tests/azure_firewall_policy

TEARDOWN: tests/azure_firewall_policy

SUMMARY:

1/1 passed.

Example query results

Results 
> select provisioning_state, intrusion_detection_mode, sku_tier, threat_intel_mode, base_policy, child_policies, dns_settings, firewalls, intrusion_detection_configuration, rule_collection_groups, threat_intel_whitelist_ip_addresses, threat_intel_whitelist_fqdns, transport_security_certificate_authority from azure_firewall_policy
+--------------------+--------------------------+----------+-------------------+-------------+----------------+--------------+-----------+-----------------------------------+------------------------+---->
| provisioning_state | intrusion_detection_mode | sku_tier | threat_intel_mode | base_policy | child_policies | dns_settings | firewalls | intrusion_detection_configuration | rule_collection_groups | thr>
+--------------------+--------------------------+----------+-------------------+-------------+----------------+--------------+-----------+-----------------------------------+------------------------+---->
| Succeeded          | Alert                    | Premium  | Alert             | <null>      | []             | <null>       | []        | <null>                            | []                     | [] >
| Succeeded          | <null>                   | Basic    | Alert             | <null>      | []             | <null>       | []        | <null>                            | []                     | [] >
| Succeeded          | <null>                   | Standard | Alert             | <null>      | []             | <null>       | []        | <null>                            | []                     | [] >
+--------------------+--------------------------+----------+-------------------+-------------+----------------+--------------+-----------+-----------------------------------+------------------------+----

@ParthaI
Fixed intrusion_detection_mode returning always null in azure_firewal…
66f57be 
…l_policy table and extracted the FirewallPolicyPropertiesFormat to use other columns Closes #608
@ParthaI ParthaI requested a review from misraved May 4, 2023 06:42
@ParthaI ParthaI self-assigned this May 4, 2023
@ParthaI ParthaI linked an issue May 4, 2023 that may be closed by this pull request
intrusion_detection_mode returning always null in azure_firewall_policy table #608
Closed
misraved
misraved reviewed May 4, 2023
View reviewed changes
Copy link
Contributor

@misraved misraved left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ParthaI left minor review comments. Please take a look 👍.

azure/table_azure_firewall_policy.go Outdated Show resolved Hide resolved
azure/table_azure_firewall_policy.go Outdated Show resolved Hide resolved
ParthaI and others added 2 commits May 4, 2023 13:05
@ParthaI @misraved
Update azure/table_azure_firewall_policy.go
fc1a142 
Co-authored-by: Ved misra <47312748+misraved@users.noreply.github.com>
@ParthaI @misraved
Update azure/table_azure_firewall_policy.go
ae4bb34 
Co-authored-by: Ved misra <47312748+misraved@users.noreply.github.com>
@misraved misraved merged commit ad0f6f9 into main May 4, 2023
@misraved misraved deleted the issue-608 branch May 4, 2023 07:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@misraved misraved misraved approved these changes

Assignees

@ParthaI ParthaI

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

intrusion_detection_mode returning always null in azure_firewall_policy table
2 participants
@ParthaI @misraved