Skip to main content

azure_container_groups resource

Use the azure_container_groups InSpec audit resource to test the properties related to all Azure container groups within a subscription.

Azure REST API version, endpoint, and HTTP client parameters

This resource interacts with API versions supported by the resource provider. You can specify the api_version as a resource parameter to use a specific version of the Azure REST API. If you don’t specify an API version, this resource uses the latest version available. For more information about API versioning, see the azure_generic_resource.

By default, this resource uses the azure_cloud global endpoint and default HTTP client settings. You can override these settings if you need to connect to a different Azure environment (such as Azure Government or Azure China). For more information about configuration options, see the resource pack README.

Syntax

An azure_container_groups resource block returns all Azure container groups within a subscription.

describe azure_container_groups do
  #...
end

Parameters

This resource does not require any parameters.

Properties

ids
A list of the unique resource IDs.

Field: id

names
A list of names for all the resources.

Field: name

types
A list of types for all the resources.

Field: type

locations
A list of the resource location for all the resources.

Field: location

tags
A list of tags for all the resources.

Field: tags

properties
A list of properties all the resources.

Field: properties

containers
A list of containers within the container group.

Field: containers

init_containers
A list of init containers for a container group.

Field: init_containers

image_registry_credentials
A list of image registry credentials through which the container group is created.

Field: image_registry_credentials

ip_address
A list of IP address type of the container group.

Field: ip_address

os_types
A list of operating system types required by the containers in the container group.

Field: os_type

provisioning_states
A list of provisioning states of the container group.

Field: provisioning_state

volumes
A list of volumes that can be mounted by containers in this container group.

Field: volumes

skus
A list SKUs for a container group.

Field: sku

restart_policies
A list of restart policies for all containers within the container group.

Field: restart_policy

Note

For information on using filter criteria on plural resources, see the documentation on FilterTable

Examples

Test to loop through container groups by their names:

azure_container_groups.names.each do |name|
  describe azure_container_group(resource_group: 'RESOURCE_GROUP_NAME', name: 'CONTAINER_GROUP_NAME') do
    it { should exist }
  end
end

Test to ensure there are container groups with valid name:

describe azure_container_groups.where(name: 'CONTAINER_GROUP_NAME') do
  it { should exist }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exists

# Should not exist if no container groups are present in the subscription.

describe azure_container_groups do
  it { should_not exist }
end

not_exists

# Should exist if the filter returns at least one container group in the subscription.

describe azure_container_groups do
  it { should exist }
end

Azure permissions

Your Service Principal must be set up with at least a contributor role on the subscription you wish to test.

Thank you for your feedback!

×