Add table gcp_compute_ssl_policy. Closes #153

[Subhajit97]

Integration test logs

Logs

No env file present for the current environment:  staging 
 Falling back to .env config
No env file present for the current environment:  staging
customEnv TURBOT_TEST_EXPECTED_TIMEOUT 300

SETUP: tests/gcp_compute_ssl_policy []

PRETEST: tests/gcp_compute_ssl_policy

TEST: tests/gcp_compute_ssl_policy
Running terraform
data.google_client_config.current: Refreshing state...
data.null_data_source.resource: Refreshing state...
google_compute_ssl_policy.named_test_resource: Creating...
google_compute_ssl_policy.named_test_resource: Creation complete after 3s [id=projects/****/global/sslPolicies/turbottest28796]

Warning: Deprecated Resource

The null_data_source was historically used to construct intermediate values to
re-use elsewhere in configuration, the same can now be achieved using locals


Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

fingerprint = SfQvUssI2Aw=
project_id = ****
resource_aka = gcp://compute.googleapis.com/projects/****/global/sslPolicies/turbottest28796
resource_id = projects/****/global/sslPolicies/turbottest28796
resource_name = turbottest28796
self_link = https://www.googleapis.com/compute/v1/projects/****/global/sslPolicies/turbottest28796

Running SQL query: test-get-query.sql
[
  {
    "description": "Test SSL policy to validate the table outcome.",
    "enabled_features": [
      "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
      "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
      "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
      "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
      "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
      "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
      "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
      "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
      "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
      "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256"
    ],
    "fingerprint": "SfQvUssI2Aw=",
    "kind": "compute#sslPolicy",
    "location": "global",
    "min_tls_version": "TLS_1_2",
    "name": "turbottest28796",
    "profile": "MODERN",
    "project": "****",
    "self_link": "https://www.googleapis.com/compute/v1/projects/****/global/sslPolicies/turbottest28796"
  }
]
✔ PASSED

Running SQL query: test-invalid-name-query.sql
null
✔ PASSED

Running SQL query: test-list-query.sql
[
  {
    "description": "Test SSL policy to validate the table outcome.",
    "name": "turbottest28796"
  }
]
✔ PASSED

Running SQL query: test-not-found-query.sql
null
✔ PASSED

Running SQL query: test-turbot-query.sql
[
  {
    "akas": [
      "gcp://compute.googleapis.com/projects/****/global/sslPolicies/turbottest28796"
    ],
    "title": "turbottest28796"
  }
]
✔ PASSED

POSTTEST: tests/gcp_compute_ssl_policy

TEARDOWN: tests/gcp_compute_ssl_policy

SUMMARY:

1/1 passed.

Example query results

Results

Basic info

select
  name,
  id,
  self_link,
  min_tls_version
from
  gcp_compute_ssl_policy;

+------------------------------+---------------------+------------------------------------------------------------------------------------------------------------+-----------------+
| name                         | id                  | self_link                                                                                                  | min_tls_version |
+------------------------------+---------------------+------------------------------------------------------------------------------------------------------------+-----------------+
| test-policy1                 | 3752922128433143336 | https://www.googleapis.com/compute/v1/projects/****/global/sslPolicies/test-policy1                 | TLS_1_2         |
| test2                        | 2364542266027400347 | https://www.googleapis.com/compute/v1/projects/****/global/sslPolicies/test2                        | TLS_1_1         |
| test-policy-with-weak-cipher | 370360805573905608  | https://www.googleapis.com/compute/v1/projects/****/global/sslPolicies/test-policy-with-weak-cipher | TLS_1_2         |
+------------------------------+---------------------+------------------------------------------------------------------------------------------------------------+-----------------+

List SSL policies with minimum TLS version 1.2 and MODERN profile

select
  name,
  id,
  min_tls_version
from
  gcp_compute_ssl_policy
where
  min_tls_version = 'TLS_1_2'
  and profile = 'MODERN';

+-------+---------------------+-----------------+
| name  | id                  | min_tls_version |
+-------+---------------------+-----------------+
| test2 | 2364542266027400347 | TLS_1_2         |
+-------+---------------------+-----------------

List SSL policies with RESTRICTED profile

select
  name,
  id,
  profile
from
  gcp_compute_ssl_policy
where
  profile = 'RESTRICTED';

+--------------+---------------------+------------+
| name         | id                  | profile    |
+--------------+---------------------+------------+
| test-policy1 | 3752922128433143336 | RESTRICTED |
+--------------+---------------------+------------+

List SSL policies with weak cipher suit(s)

select
  name,
  id,
  enabled_feature
from
  gcp_compute_ssl_policy,
  jsonb_array_elements_text(enabled_features) as enabled_feature
where
  profile = 'CUSTOM'
  and enabled_feature in('TLS_RSA_WITH_AES_128_GCM_SHA256', 'TLS_RSA_WITH_AES_256_GCM_SHA384', 'TLS_RSA_WITH_AES_128_CBC_SHA', 'TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_3DES_EDE_CBC_SHA');

+------------------------------+--------------------+---------------------------------+
| name                         | id                 | enabled_feature                 |
+------------------------------+--------------------+---------------------------------+
| test-policy-with-weak-cipher | 370360805573905608 | TLS_RSA_WITH_AES_128_GCM_SHA256 |
+------------------------------+--------------------+---------------------------------+

[LalitLab]

LGTM

[rajlearner17]

LGTM