private import codeql.hcl.AST
private import codeql.hcl.Resources
private import codeql.hcl.Constants
private import codeql.hcl.Terraform::Terraform
module Azure {
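/**
 * Azure resources.
 *
 * Any resource block whose type carries the `azurerm_` provider prefix.
 *
 * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
 */
class AzureResource extends Resource, Block {
  AzureResource() {
    // `regexpMatch` has to match the whole string, so a leading `^` adds nothing.
    // The underscore is kept in the prefix so that a resource type from a
    // differently named provider that merely starts with "azurerm" is not
    // modelled (and later reported on) as an Azure resource.
    this.getResourceType().regexpMatch("azurerm_.*")
  }

  /** Gets the provider that `getProviderByName` resolves for the name "azurerm". */
  override RequiredProvider getProvider() { result = getProviderByName("azurerm") }
}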
/**
 * Azure provider.
 *
 * A provider block whose name is "azurerm".
 *
 * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
 */
class AzureProvider extends Provider {
  AzureProvider() { "azurerm" = this.getName() }

  /**
   * Gets the expression assigned to the `host` attribute.
   *
   * NOTE(review): `host` does not look like an azurerm provider argument (it
   * resembles the Kubernetes provider's); if so this never has a result and a
   * query built on it silently matches nothing. Confirm against the docs above.
   */
  Expr getHost() { this.getAttribute("host") = result }

  /**
   * Gets the expression assigned to the `config_path` attribute.
   *
   * NOTE(review): same concern as `getHost()`; `config_path` appears to belong
   * to another provider. Confirm before relying on it.
   */
  Expr getConfigPath() { this.getAttribute("config_path") = result }

  /**
   * Gets the expression assigned to the `features` attribute.
   *
   * NOTE(review): azurerm declares `features` as a nested block; whether
   * `getAttribute` resolves nested blocks is not visible here. Verify.
   */
  Expr getFeatures() { this.getAttribute("features") = result }
}
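/**
 * Azure Resource Group.
 *
 * A resource block of type `azurerm_resource_group`.
 */
class ResourceGroup extends AzureResource {
  ResourceGroup() { this.getResourceType() = "azurerm_resource_group" }

  /**
   * Gets a textual representation of this resource group.
   *
   * `getName()` only has a result when `name` is a string literal. A group
   * named through a variable or an interpolation would otherwise have no
   * `toString()` at all, so the second disjunct supplies a fallback label.
   */
  override string toString() {
    result = "ResourceGroup " + this.getName()
    or
    not exists(this.getName()) and result = "ResourceGroup"
  }

  /**
   * Gets the value of the `name` attribute when it is a string literal.
   * Has no result when the attribute is absent or is any other expression.
   */
  override string getName() { result = this.getAttribute("name").(StringLiteral).getValue() }

  /** Gets the expression assigned to the `location` attribute. */
  Expr getResourceLocation() { result = this.getAttribute("location") }
}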
// Re-export the Azure resources
import codeql.hcl.providers.azure.Storage::AzureStorage
import codeql.hcl.providers.azure.Databases::AzureDatabases
import codeql.hcl.providers.azure.KeyVault::AzureKeyVault
import codeql.hcl.providers.azure.SecurityCenter::AzureSecurityCenter
}