Skip to main content

azure_subnets resource

Use the azure_subnets InSpec audit resource to test the properties related to subnets of a virtual network.

Azure REST API version, endpoint, and HTTP client parameters

This resource interacts with API versions supported by the resource provider. You can specify the api_version as a resource parameter to use a specific version of the Azure REST API. If you don’t specify an API version, this resource uses the latest version available. For more information about API versioning, see the azure_generic_resource.

By default, this resource uses the azure_cloud global endpoint and default HTTP client settings. You can override these settings if you need to connect to a different Azure environment (such as Azure Government or Azure China). For more information about configuration options, see the resource pack README.

Syntax

The resource_group and vnet are required parameters.

describe azure_subnets(resource_group: 'RESOURCE_GROUP', vnet: 'VNET_NAME') do
  #...
end

Parameters

resource_group
Azure resource group where the targeted resource resides.
vnet
The virtual network where the subnet you wish to test is a part of.

Properties

ids
A list of the unique resource IDs.

Field: id

names
A list of all the resources being interrogated.

Field: name

etags
A list of etags defined on the resources.

Field: etag

Note

For information on using filter criteria on plural resources, see the documentation on FilterTable

Examples

Exists if any subnets exist for a specified virtual network in the resource group:

describe azure_subnets(resource_group: 'RESOURCE_GROUP', vnet: 'VNET_NAME') do
  it { should exist }
end

Filters the results to only those that match the specified name:

describe azure_subnets(resource_group: 'RESOURCE_GROUP', vnet: 'VNET_NAME')
  .where(name: 'MySubnet') do
  it { should exist }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

This resource has the following special matchers.

exists

# Should not exist if no subnets are in the virtual network.

describe azure_subnets(resource_group: 'RESOURCE_GROUP', vnet: 'VNET_NAME') do
  it { should_not exist }
end

Azure permissions

Your Service Principal must be set up with at least a contributor role on the subscription you wish to test.

Thank you for your feedback!

×