azqr

package
v0.0.0-...-4f557eb Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 14, 2025 License: MIT Imports: 13 Imported by: 0

Documentation

Overview

Copyright (c) Microsoft Corporation. Licensed under the MIT License.

Index

Constants

View Source
const (
	ImpactHigh   RecommendationImpact = "High"
	ImpactMedium RecommendationImpact = "Medium"
	ImpactLow    RecommendationImpact = "Low"

	CategoryHighAvailability      RecommendationCategory = "High Availability"
	CategoryMonitoringAndAlerting RecommendationCategory = "Monitoring and Alerting"
	CategoryScalability           RecommendationCategory = "Scalability"
	CategoryDisasterRecovery      RecommendationCategory = "Disaster Recovery"
	CategorySecurity              RecommendationCategory = "Security"
	CategoryGovernance            RecommendationCategory = "Governance"
	CategoryOtherBestPractices    RecommendationCategory = "Other Best Practices"

	TypeRecommendation RecommendationType = ""
	TypeSLA            RecommendationType = "SLA"
)

Variables

This section is empty.

Functions

func GetResourceGroupFromResourceID

func GetResourceGroupFromResourceID(resourceID string) string

GetResourceGroupFromResourceID - Get Resource Group from Resource ID

func GetResourceGroupIDFromResourceID

func GetResourceGroupIDFromResourceID(resourceID string) string

GetResourceGroupIDFromResourceID - Get Resource Group from Resource ID

func GetSubscriptionFromResourceID

func GetSubscriptionFromResourceID(resourceID string) string

GetSubscriptionFromResourceID - Get Subscription ID from Resource ID

func ListResourceGroup

func ListResourceGroup(ctx context.Context, cred azcore.TokenCredential, subscriptionID string, options *arm.ClientOptions) ([]*armresources.ResourceGroup, error)

func LogResourceGroupScan

func LogResourceGroupScan(subscriptionID string, resourceGroupName string, serviceTypeOrName string)

func LogResourceTypeScan

func LogResourceTypeScan(serviceType string)

func LogSubscriptionScan

func LogSubscriptionScan(subscriptionID string, serviceTypeOrName string)

func ShouldSkipError

func ShouldSkipError(err error) bool

Types

type AprlRecommendation

type AprlRecommendation struct {
	RecommendationID    string `yaml:"aprlGuid"`
	Recommendation      string `yaml:"description"`
	Category            string `yaml:"recommendationControl"`
	Impact              string `yaml:"recommendationImpact"`
	ResourceType        string `yaml:"recommendationResourceType"`
	MetadataState       string `yaml:"recommendationMetadataState"`
	LongDescription     string `yaml:"longDescription"`
	PotentialBenefits   string `yaml:"potentialBenefits"`
	PgVerified          bool   `yaml:"pgVerified"`
	PublishedToLearn    bool   `yaml:"publishedToLearn"`
	PublishedToAdvisor  bool   `yaml:"publishedToAdvisor"`
	AutomationAvailable string `yaml:"automationAvailable"`
	Tags                string `yaml:"tags,omitempty"`
	GraphQuery          string `yaml:"graphQuery,omitempty"`
	LearnMoreLink       []struct {
		Name string `yaml:"name"`
		Url  string `yaml:"url"`
	} `yaml:"learnMoreLink,flow"`
}

type AprlResult

type AprlResult struct {
	RecommendationID    string
	ResourceType        string
	Recommendation      string
	LongDescription     string
	PotentialBenefits   string
	ResourceID          string
	SubscriptionID      string
	SubscriptionName    string
	ResourceGroup       string
	Name                string
	Tags                string
	Category            RecommendationCategory
	Impact              RecommendationImpact
	Learn               string
	Param1              string
	Param2              string
	Param3              string
	Param4              string
	Param5              string
	AutomationAvailable string
	Source              string
}

type AzqrFilter

type AzqrFilter struct {
	Include *IncludeFilter `yaml:"include"`
	Exclude *ExcludeFilter `yaml:"exclude"`
	// contains filtered or unexported fields
}

func (*AzqrFilter) AddResourceGroup

func (e *AzqrFilter) AddResourceGroup(resourceGroupID string)

func (*AzqrFilter) AddSubscription

func (e *AzqrFilter) AddSubscription(subscriptionID string)

func (*AzqrFilter) IsRecommendationExcluded

func (e *AzqrFilter) IsRecommendationExcluded(recommendationID string) bool

func (*AzqrFilter) IsServiceExcluded

func (e *AzqrFilter) IsServiceExcluded(resourceID string) bool

func (*AzqrFilter) IsSubscriptionExcluded

func (e *AzqrFilter) IsSubscriptionExcluded(subscriptionID string) bool

type AzqrRecommendation

type AzqrRecommendation struct {
	RecommendationID   string
	ResourceType       string
	Recommendation     string
	Category           RecommendationCategory
	Impact             RecommendationImpact
	RecommendationType RecommendationType
	LearnMoreUrl       string
	Eval               func(target interface{}, scanContext *ScanContext) (bool, string)
}

func (*AzqrRecommendation) ToAzureAprlRecommendation

func (r *AzqrRecommendation) ToAzureAprlRecommendation() AprlRecommendation

type AzqrResult

type AzqrResult struct {
	RecommendationID   string
	ResourceType       string
	Recommendation     string
	Category           RecommendationCategory
	Impact             RecommendationImpact
	RecommendationType RecommendationType
	LearnMoreUrl       string
	NotCompliant       bool
	Result             string
}

type AzqrServiceResult

type AzqrServiceResult struct {
	SubscriptionID   string
	SubscriptionName string
	ResourceGroup    string
	Location         string
	Type             string
	ServiceName      string
	Recommendations  map[string]AzqrResult
}

AzqrServiceResult - Struct for all Azure Service Results

func (*AzqrServiceResult) ResourceID

func (r *AzqrServiceResult) ResourceID() string

type ExcludeFilter

type ExcludeFilter struct {
	Subscriptions   []string `yaml:"subscriptions,flow"`
	ResourceGroups  []string `yaml:"resourceGroups,flow"`
	Services        []string `yaml:"services,flow"`
	Recommendations []string `yaml:"recommendations,flow"`
}

ExcludeFilter - Struct for ExcludeFilter

type Filters

type Filters struct {
	Azqr *AzqrFilter `yaml:"azqr"`
}

func LoadFilters

func LoadFilters(filterFile string) *Filters

type IAzureScanner

type IAzureScanner interface {
	Init(config *ScannerConfig) error
	GetRecommendations() map[string]AzqrRecommendation
	Scan(scanContext *ScanContext) ([]AzqrServiceResult, error)
	ResourceTypes() []string
}

IAzureScanner - Interface for all Azure Scanners

type IncludeFilter

type IncludeFilter struct {
	Subscriptions  []string `yaml:"subscriptions,flow"`
	ResourceGroups []string `yaml:"resourceGroups,flow"`
	ResourceTypes  []string `yaml:"resourceTypes,flow"`
}

IncludeFilter - Struct for IncludeFilter

type RecommendationCategory

type RecommendationCategory string

type RecommendationEngine

type RecommendationEngine struct{}

func (*RecommendationEngine) EvaluateRecommendations

func (e *RecommendationEngine) EvaluateRecommendations(rules map[string]AzqrRecommendation, target interface{}, scanContext *ScanContext) map[string]AzqrResult

type RecommendationImpact

type RecommendationImpact string

type RecommendationType

type RecommendationType string

type Resource

type Resource struct {
	ID             string
	SubscriptionID string
	ResourceGroup  string
	Type           string
	Location       string
	Name           string
	SkuName        string
	SkuTier        string
	Kind           string
	SLA            string
}

type ResourceTypeCount

type ResourceTypeCount struct {
	Subscription    string  `json:"Subscription"`
	ResourceType    string  `json:"Resource Type"`
	Count           float64 `json:"Number of Resources"`
	AvailableInAPRL string  `json:"Available In APRL?"`
	Custom1         string  `json:"Custom1"`
	Custom2         string  `json:"Custom2"`
	Custom3         string  `json:"Custom3"`
}

type ScanContext

type ScanContext struct {
	Filters               *Filters
	PrivateEndpoints      map[string]bool
	DiagnosticsSettings   map[string]bool
	PublicIPs             map[string]*armnetwork.PublicIPAddress
	SiteConfig            *armappservice.WebAppsClientGetConfigurationResponse
	BlobServiceProperties *armstorage.BlobServicesClientGetServicePropertiesResponse
}

ScanContext - Struct for Scanner Context

type ScannerConfig

type ScannerConfig struct {
	Ctx              context.Context
	Cred             azcore.TokenCredential
	ClientOptions    *arm.ClientOptions
	SubscriptionID   string
	SubscriptionName string
}

ScannerConfig - Struct for Scanner Config

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL