@@ -43,288 +43,9 @@ module Azure {
4343 Expr getResourceLocation ( ) { result = this .getAttribute ( "location" ) }
4444 }
4545
46- /**
47- * Azure Managed Disk.
48- */
49- class ManagedDisk extends AzureResource {
50- ManagedDisk ( ) { this .getResourceType ( ) = "azurerm_managed_disk" }
51-
52- override string toString ( ) { result = "ManagedDisk " + this .getName ( ) }
53-
54- override string getName ( ) { result = this .getAttribute ( "name" ) .( StringLiteral ) .getValue ( ) }
55-
56- string getStorageAccountType ( ) {
57- result = this .getAttribute ( "storage_account_type" ) .( StringLiteral ) .getValue ( )
58- }
59-
60- /**
61- * Get the encryption settings of the managed disk.
62- */
63- ManagedDiskEncryptionSettings getEncryptionSettings ( ) {
64- result = this .getAttribute ( "encryption_settings" )
65- }
66- }
67-
68- /**
69- * Azure Managed Disk Encryption Settings.
70- */
71- class ManagedDiskEncryptionSettings extends Block {
72- private ManagedDisk disk ;
73-
74- ManagedDiskEncryptionSettings ( ) { disk .getAttribute ( "encryption_settings" ) .( Block ) = this }
75-
76- override string toString ( ) { result = "ManagedDiskEncryptionSettings" }
77-
78- boolean getEnabled ( ) { result = this .getAttribute ( "enabled" ) .( BooleanLiteral ) .getBool ( ) }
79- }
80-
81- class StorageContainer extends AzureResource {
82- StorageContainer ( ) { this .getResourceType ( ) = "azurerm_storage_container" }
83-
84- /**
85- * Get the name of the storage container.
86- */
87- override string getName ( ) { result = this .getAttribute ( "name" ) .( StringLiteral ) .getValue ( ) }
88-
89- string getContainerAccessType ( ) {
90- result = this .getAttribute ( "container_access_type" ) .( StringLiteral ) .getValue ( )
91- }
92-
93- /**
94- * Get the properties of the managed disk.
95- */
96- Object getProperties ( ) { result = this .getAttribute ( "properties" ) }
97-
98- /**
99- * Get a property of the managed disk.
100- */
101- Expr getProperty ( string name ) { result = this .getProperties ( ) .getElementByName ( name ) }
102- }
103-
104- class StorageAccount extends AzureResource {
105- StorageAccount ( ) { this .getResourceType ( ) = "azurerm_storage_account" }
106-
107- /**
108- * Get the name of the storage account.
109- */
110- override string getName ( ) { result = this .getAttribute ( "name" ) .( StringLiteral ) .getValue ( ) }
111-
112- /**
113- * Get the `allow_blob_public_access` property of the storage account. Only available
114- * for `azurerm` v2 and not v3 onwards.
115- *
116- * https://github.com/hashicorp/terraform-provider-azurerm/blob/main/CHANGELOG-v3.md
117- */
118- Expr getAllowBlobPublicAccess ( ) {
119- this .getProvider ( ) .getSemanticVersion ( ) .maybeBefore ( "3.0.0" ) and
120- result = this .getAttribute ( "allow_blob_public_access" )
121- }
122-
123- /**
124- * Get the `allow_blob_public_access` property of the storage account. Only available
125- * for `azurerm` v2 and not v3 onwards.
126- *
127- * https://github.com/hashicorp/terraform-provider-azurerm/blob/main/CHANGELOG-v3.md
128- */
129- boolean getAllowBlobPublicAccessValue ( ) {
130- exists ( Expr e | e = this .getAllowBlobPublicAccess ( ) | result = e .( BooleanLiteral ) .getBool ( ) )
131- or
132- not exists ( this .getAllowBlobPublicAccess ( ) ) and
133- result = true
134- }
135-
136- /**
137- * Get the `public_network_access_enabled` property of the storage account.
138- *
139- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#public_network_access_enabled
140- */
141- Expr getEnableHttpsTrafficOnly ( ) {
142- result = this .getAttribute ( "enable_https_traffic_only" )
143- }
144-
145- /**
146- * Get the `public_network_access_enabled` property of the storage account.
147- *
148- * Defaults to `true`.
149- *
150- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#public_network_access_enabled
151- */
152- boolean getEnableHttpsTrafficOnlyValue ( ) {
153- exists ( Expr e | e = this .getEnableHttpsTrafficOnly ( ) | result = e .( BooleanLiteral ) .getBool ( ) )
154- or
155- not exists ( this .getEnableHttpsTrafficOnly ( ) ) and
156- result = true
157- }
158-
159- /**
160- * Get the `public_network_access_enabled` property of the storage account.
161- *
162- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#public_network_access_enabled
163- */
164- Expr getPublicNetworkAccess ( ) {
165- result = this .getAttribute ( "public_network_access_enabled" )
166- }
167-
168- /**
169- * Get the `public_network_access_enabled` property of the storage account.
170- *
171- * Defaults to `true`.
172- *
173- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#public_network_access_enabled
174- */
175- boolean getPublicNetworkAccessValue ( ) {
176- exists ( Expr e | e = this .getPublicNetworkAccess ( ) | result = e .( BooleanLiteral ) .getBool ( ) )
177- or
178- not exists ( this .getPublicNetworkAccess ( ) ) and
179- result = true
180- }
181-
182- /**
183- * Get the `allow_nested_items_to_be_public` property of the storage account.
184- *
185- * Defaults to `true`
186- *
187- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#allow_nested_items_to_be_public
188- */
189- Expr getAllowNestedItemsToBePublic ( ) {
190- result = this .getAttribute ( "allow_nested_items_to_be_public" )
191- }
192-
193- /**
194- * Get the `allow_nested_items_to_be_public` property of the storage account.
195- *
196- * Defaults to `true`
197- *
198- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#allow_nested_items_to_be_public
199- */
200- boolean getAllowNestedItemsToBePublicValue ( ) {
201- exists ( Expr e | e = this .getAllowNestedItemsToBePublic ( ) | result = e .( BooleanLiteral ) .getBool ( ) )
202- or
203- not exists ( this .getAllowNestedItemsToBePublic ( ) ) and
204- result = true
205- }
206-
207- /**
208- * Get the `https_traffic_only_enabled` property of the storage account.
209- *
210- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#https_traffic_only_enabled
211- */
212- Expr getHttpsTrafficOnlyEnabled ( ) {
213- result = this .getAttribute ( "https_traffic_only_enabled" )
214- }
215-
216- /**
217- * Get the `https_traffic_only_enabled` property of the storage account.
218- *
219- * Defaults to `true`
220- *
221- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#https_traffic_only_enabled
222- */
223- boolean getHttpsTrafficOnlyEnabledValue ( ) {
224- exists ( Expr e | e = this .getHttpsTrafficOnlyEnabled ( ) | result = e .( BooleanLiteral ) .getBool ( ) )
225- or
226- not exists ( this .getHttpsTrafficOnlyEnabled ( ) ) and
227- result = true
228- }
229-
230- /**
231- * Get the `min_tls_version` property of the storage account.
232- *
233- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#min_tls_version
234- */
235- Expr getMinTlsVersion ( ) {
236- result = this .getAttribute ( "min_tls_version" )
237- }
238-
239- /**
240- * Get the `min_tls_version` property of the storage account.
241- *
242- * Defaults to `TLS1_2`
243- *
244- * https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account.html#min_tls_version
245- */
246- string getMinTlsVersionValue ( ) {
247- exists ( Expr e | e = this .getMinTlsVersion ( ) | result = e .( StringLiteral ) .getValue ( ) )
248- or
249- not exists ( this .getMinTlsVersion ( ) ) and
250- result = "TLS1_2"
251- }
252- }
253-
254- /**
255- * Azure Databases
256- */
257- class Database extends AzureResource {
258- Database ( ) {
259- this .getResourceType ( )
260- .regexpMatch ( "^azurerm_(sql|mariadb|mssql|postgresql)_(server|database)" )
261- }
262-
263- override string toString ( ) { result = "Database " + this .getName ( ) }
264-
265- override string getName ( ) { result = this .getAttribute ( "name" ) .( StringLiteral ) .getValue ( ) }
266-
267- string getVersion ( ) { result = this .getAttribute ( "version" ) .( StringLiteral ) .getValue ( ) }
268-
269- boolean getSslEnforcementEnabled ( ) {
270- result = this .getAttribute ( "ssl_enforcement_enabled" ) .( BooleanLiteral ) .getBool ( )
271- }
272-
273- boolean getInfrastructureEncryptionEnabled ( ) {
274- result = this .getAttribute ( "infrastructure_encryption_enabled" ) .( BooleanLiteral ) .getBool ( )
275- }
276-
277- boolean getGeoRedundantBackupEnabled ( ) {
278- result = this .getAttribute ( "geo_redundant_backup_enabled" ) .( BooleanLiteral ) .getBool ( )
279- }
280-
281- Expr getAdministratorPassword ( ) { result = this .getAttribute ( "administrator_login_password" ) }
282- }
283-
284- /**
285- * Azure Key Vault.
286- */
287- class KeyVault extends AzureResource {
288- KeyVault ( ) { this .getResourceType ( ) = "azurerm_key_vault" }
289-
290- override string toString ( ) { result = "KeyVault " + this .getName ( ) }
291- }
292-
293- /**
294- * Azure Key Vault Key.
295- */
296- class KeyVaultKey extends AzureResource {
297- KeyVaultKey ( ) { this .getResourceType ( ) = "azurerm_key_vault_key" }
298-
299- override string toString ( ) { result = "KeyVaultKey " + this .getName ( ) }
300-
301- string getKeyType ( ) { result = this .getAttribute ( "key_type" ) .( StringLiteral ) .getValue ( ) }
302-
303- int getKeySize ( ) { result = this .getAttribute ( "key_size" ) .( NumericLiteral ) .getInt ( ) }
304- // string getKeyOpts() { result = this.getAttribute("key_opts") }
305- }
306-
307- /**
308- * Azure Key Vault Secret.
309- */
310- class KeyVaultSecret extends AzureResource {
311- KeyVaultSecret ( ) { this .getResourceType ( ) = "azurerm_key_vault_secret" }
312- }
313-
314- /**
315- * Azure Security Center Contact.
316- */
317- class SecurityCenterContact extends AzureResource {
318- SecurityCenterContact ( ) { this .getResourceType ( ) = "azurerm_security_center_contact" }
319-
320- string getEmail ( ) { result = this .getAttribute ( "email" ) .( StringLiteral ) .getValue ( ) }
321-
322- boolean getAlertNotifications ( ) {
323- result = this .getAttribute ( "alert_notifications" ) .( BooleanLiteral ) .getBool ( )
324- }
325-
326- boolean getAlertsToAdmins ( ) {
327- result = this .getAttribute ( "alerts_to_admins" ) .( BooleanLiteral ) .getBool ( )
328- }
329- }
46+ // Re-export the Azure resources
47+ import codeql.hcl.providers.azure.Storage:: AzureStorage
48+ import codeql.hcl.providers.azure.Databases:: AzureDatabases
49+ import codeql.hcl.providers.azure.KeyVault:: AzureKeyVault
50+ import codeql.hcl.providers.azure.SecurityCenter:: AzureSecurityCenter
33051}
0 commit comments