Documentation
¶
Overview ¶
Copyright (c) Microsoft Corporation. Licensed under the MIT License.
Index ¶
- Constants
- func GetResourceGroupFromResourceID(resourceID string) string
- func GetResourceGroupIDFromResourceID(resourceID string) string
- func GetSubscriptionFromResourceID(resourceID string) string
- func ListResourceGroup(ctx context.Context, cred azcore.TokenCredential, subscriptionID string, ...) ([]*armresources.ResourceGroup, error)
- func LogResourceGroupScan(subscriptionID string, resourceGroupName string, serviceTypeOrName string)
- func LogResourceTypeScan(serviceType string)
- func LogSubscriptionScan(subscriptionID string, serviceTypeOrName string)
- func ShouldSkipError(err error) bool
- type AprlRecommendation
- type AprlResult
- type AzqrFilter
- func (e *AzqrFilter) AddResourceGroup(resourceGroupID string)
- func (e *AzqrFilter) AddSubscription(subscriptionID string)
- func (e *AzqrFilter) IsRecommendationExcluded(recommendationID string) bool
- func (e *AzqrFilter) IsServiceExcluded(resourceID string) bool
- func (e *AzqrFilter) IsSubscriptionExcluded(subscriptionID string) bool
- type AzqrRecommendation
- type AzqrResult
- type AzqrServiceResult
- type ExcludeFilter
- type Filters
- type IAzureScanner
- type IncludeFilter
- type RecommendationCategory
- type RecommendationEngine
- type RecommendationImpact
- type RecommendationType
- type Resource
- type ResourceTypeCount
- type ScanContext
- type ScannerConfig
Constants ¶
View Source
const ( ImpactHigh RecommendationImpact = "High" ImpactMedium RecommendationImpact = "Medium" ImpactLow RecommendationImpact = "Low" CategoryHighAvailability RecommendationCategory = "High Availability" CategoryMonitoringAndAlerting RecommendationCategory = "Monitoring and Alerting" CategoryScalability RecommendationCategory = "Scalability" CategoryDisasterRecovery RecommendationCategory = "Disaster Recovery" CategorySecurity RecommendationCategory = "Security" CategoryGovernance RecommendationCategory = "Governance" CategoryOtherBestPractices RecommendationCategory = "Other Best Practices" TypeRecommendation RecommendationType = "" TypeSLA RecommendationType = "SLA" )
Variables ¶
This section is empty.
Functions ¶
func GetResourceGroupFromResourceID ¶
GetResourceGroupFromResourceID - Get Resource Group from Resource ID
func GetResourceGroupIDFromResourceID ¶
GetResourceGroupIDFromResourceID - Get Resource Group from Resource ID
func GetSubscriptionFromResourceID ¶
GetSubscriptionFromResourceID - Get Subscription ID from Resource ID
func ListResourceGroup ¶
func ListResourceGroup(ctx context.Context, cred azcore.TokenCredential, subscriptionID string, options *arm.ClientOptions) ([]*armresources.ResourceGroup, error)
func LogResourceGroupScan ¶
func LogResourceTypeScan ¶
func LogResourceTypeScan(serviceType string)
func LogSubscriptionScan ¶
func ShouldSkipError ¶
Types ¶
type AprlRecommendation ¶
type AprlRecommendation struct {
RecommendationID string `yaml:"aprlGuid"`
Recommendation string `yaml:"description"`
Category string `yaml:"recommendationControl"`
Impact string `yaml:"recommendationImpact"`
ResourceType string `yaml:"recommendationResourceType"`
MetadataState string `yaml:"recommendationMetadataState"`
LongDescription string `yaml:"longDescription"`
PotentialBenefits string `yaml:"potentialBenefits"`
PgVerified bool `yaml:"pgVerified"`
PublishedToLearn bool `yaml:"publishedToLearn"`
PublishedToAdvisor bool `yaml:"publishedToAdvisor"`
AutomationAvailable string `yaml:"automationAvailable"`
Tags string `yaml:"tags,omitempty"`
GraphQuery string `yaml:"graphQuery,omitempty"`
LearnMoreLink []struct {
Name string `yaml:"name"`
Url string `yaml:"url"`
} `yaml:"learnMoreLink,flow"`
}
type AprlResult ¶
type AprlResult struct {
RecommendationID string
ResourceType string
Recommendation string
LongDescription string
PotentialBenefits string
ResourceID string
SubscriptionID string
SubscriptionName string
ResourceGroup string
Name string
Tags string
Category RecommendationCategory
Impact RecommendationImpact
Learn string
Param1 string
Param2 string
Param3 string
Param4 string
Param5 string
AutomationAvailable string
Source string
}
type AzqrFilter ¶
type AzqrFilter struct {
Include *IncludeFilter `yaml:"include"`
Exclude *ExcludeFilter `yaml:"exclude"`
// contains filtered or unexported fields
}
func (*AzqrFilter) AddResourceGroup ¶
func (e *AzqrFilter) AddResourceGroup(resourceGroupID string)
func (*AzqrFilter) AddSubscription ¶
func (e *AzqrFilter) AddSubscription(subscriptionID string)
func (*AzqrFilter) IsRecommendationExcluded ¶
func (e *AzqrFilter) IsRecommendationExcluded(recommendationID string) bool
func (*AzqrFilter) IsServiceExcluded ¶
func (e *AzqrFilter) IsServiceExcluded(resourceID string) bool
func (*AzqrFilter) IsSubscriptionExcluded ¶
func (e *AzqrFilter) IsSubscriptionExcluded(subscriptionID string) bool
type AzqrRecommendation ¶
type AzqrRecommendation struct {
RecommendationID string
ResourceType string
Recommendation string
Category RecommendationCategory
Impact RecommendationImpact
RecommendationType RecommendationType
LearnMoreUrl string
Eval func(target interface{}, scanContext *ScanContext) (bool, string)
}
func (*AzqrRecommendation) ToAzureAprlRecommendation ¶
func (r *AzqrRecommendation) ToAzureAprlRecommendation() AprlRecommendation
type AzqrResult ¶
type AzqrResult struct {
RecommendationID string
ResourceType string
Recommendation string
Category RecommendationCategory
Impact RecommendationImpact
RecommendationType RecommendationType
LearnMoreUrl string
NotCompliant bool
Result string
}
type AzqrServiceResult ¶
type AzqrServiceResult struct {
SubscriptionID string
SubscriptionName string
ResourceGroup string
Location string
Type string
ServiceName string
Recommendations map[string]AzqrResult
}
AzqrServiceResult - Struct for all Azure Service Results
func (*AzqrServiceResult) ResourceID ¶
func (r *AzqrServiceResult) ResourceID() string
type ExcludeFilter ¶
type ExcludeFilter struct {
Subscriptions []string `yaml:"subscriptions,flow"`
ResourceGroups []string `yaml:"resourceGroups,flow"`
Services []string `yaml:"services,flow"`
Recommendations []string `yaml:"recommendations,flow"`
}
ExcludeFilter - Struct for ExcludeFilter
type IAzureScanner ¶
type IAzureScanner interface {
Init(config *ScannerConfig) error
GetRecommendations() map[string]AzqrRecommendation
Scan(scanContext *ScanContext) ([]AzqrServiceResult, error)
ResourceTypes() []string
}
IAzureScanner - Interface for all Azure Scanners
type IncludeFilter ¶
type IncludeFilter struct {
Subscriptions []string `yaml:"subscriptions,flow"`
ResourceGroups []string `yaml:"resourceGroups,flow"`
ResourceTypes []string `yaml:"resourceTypes,flow"`
}
IncludeFilter - Struct for IncludeFilter
type RecommendationCategory ¶
type RecommendationCategory string
type RecommendationEngine ¶
type RecommendationEngine struct{}
func (*RecommendationEngine) EvaluateRecommendations ¶
func (e *RecommendationEngine) EvaluateRecommendations(rules map[string]AzqrRecommendation, target interface{}, scanContext *ScanContext) map[string]AzqrResult
type RecommendationImpact ¶
type RecommendationImpact string
type RecommendationType ¶
type RecommendationType string
type ResourceTypeCount ¶
type ResourceTypeCount struct {
Subscription string `json:"Subscription"`
ResourceType string `json:"Resource Type"`
Count float64 `json:"Number of Resources"`
AvailableInAPRL string `json:"Available In APRL?"`
Custom1 string `json:"Custom1"`
Custom2 string `json:"Custom2"`
Custom3 string `json:"Custom3"`
}
type ScanContext ¶
type ScanContext struct {
Filters *Filters
PrivateEndpoints map[string]bool
DiagnosticsSettings map[string]bool
PublicIPs map[string]*armnetwork.PublicIPAddress
SiteConfig *armappservice.WebAppsClientGetConfigurationResponse
BlobServiceProperties *armstorage.BlobServicesClientGetServicePropertiesResponse
}
ScanContext - Struct for Scanner Context
type ScannerConfig ¶
type ScannerConfig struct {
Ctx context.Context
Cred azcore.TokenCredential
ClientOptions *arm.ClientOptions
SubscriptionID string
SubscriptionName string
}
ScannerConfig - Struct for Scanner Config
Source Files
Click to show internal directories.
Click to hide internal directories.