Update the plugin to use SDK v0.2.0

README.md

@@ -1,7 +1,50 @@
 # Plugin Azure VM
 
-## Assumptions
+## Configuration
 
-- That the agent running this plugin has access to the classic Azure env vars in order to use SDK methods
-- There is a set of policies specfically scoped to Azure that the config in the agent is pointing to
-- Ensure you set AZURE_SUBSCRIPTION_ID as an env var before you run the agent
+> [!NOTE]
+> Requires the typical Azure credentials to be set in your environment for the client to work. This can either be set manually or using the `az` tool
+
+| Name | Environment Variable | Required | Description |
+| --- | --- |:---:| --- |
+| `subscription_id` | `$CCF_PLUGINS_AZURE_CONFIG_SUBSCRIPTION_ID` | ✅ | Subscription ID for the Azure instance |
+
+## Building the plugin
+
+```shell
+$ mkdir -p dist
+$ go build -o dist/plugin main.go
+```
+
+## Data structure passed to the policy manager
+
+The plugin does not do any manipulation of the structures provided back from `azure-go-sdk`, so anything that is passed back can be queried in rego. However, due to the linked nature of azure with IDs through the API, the plugin saturates the data that is passed back and places them in a wrapper around structures.
+
+The golang definition can be found below: 
+
+```golang
+type AzureVMInstance struct {
+	Instance          *armcompute.VirtualMachine `json:"instance"`
+	NetworkInterfaces []*AzureVMNetworkInterface `json:"network_interfaces"`
+}
+
+type AzureVMNetworkInterface struct {
+	Config        *armnetwork.InterfacesClientGetResponse          `json:"config"`
+	PublicIPs     []*armnetwork.PublicIPAddressesClientGetResponse `json:"public_ips,omitempty"`
+	SecurityGroup *armnetwork.SecurityGroupsClientGetResponse      `json:"security_group,omitempty"`
+}
+```
+
+To see what data is available, the recommendation is to look at the golang documentation for the different types:
+
+* [`armcompute.VirtualMachine`](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/arm/compute#VirtualMachine)
+* [`armnetwork.InterfacesClientGetResponse`](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v7#InterfacesClientGetResponse)
+* [`armnetwork.PublicIPAddressesClientGetResponse`](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v7#PublicIPAddressesClientGetResponse)
+* [`armnetwork.SecurityGroupsClientGetResponse`](https://pkg.go.dev/github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork/v7#SecurityGroupsClientGetResponse)
+
+To see the data in action, have a look at the unit tests found in the [policies repo](https://github.com/compliance-framework/plugin-azure-vm-policies/tree/main/policies)
+
+
+## Licence 
+
+[AGPL v3](./LICENSE)

go.mod

@@ -6,15 +6,9 @@ require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/compute/armcompute v1.0.0
 	github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/network/armnetwork v1.0.0
-	github.com/aws/aws-sdk-go-v2 v1.36.3
-	github.com/aws/aws-sdk-go-v2/config v1.29.9
-	github.com/aws/aws-sdk-go-v2/service/ec2 v1.209.0
-	github.com/compliance-framework/agent v0.1.1
-	github.com/compliance-framework/configuration-service v0.1.1
-	github.com/google/uuid v1.6.0
+	github.com/compliance-framework/agent v0.2.0
 	github.com/hashicorp/go-hclog v1.5.0
 	github.com/hashicorp/go-plugin v1.6.2
-	google.golang.org/protobuf v1.35.2
 )
 
 require (
@@ -23,28 +17,19 @@ require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
 	github.com/OneOfOne/xxhash v1.2.8 // indirect
 	github.com/agnivade/levenshtein v1.2.0 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.62 // indirect
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.25.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.33.17 // indirect
-	github.com/aws/smithy-go v1.22.2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/compliance-framework/configuration-service v0.2.12-0.20250708103936-23c66564a854 // indirect
 	github.com/defenseunicorns/go-oscal v0.6.2 // indirect
 	github.com/fatih/color v1.15.0 // indirect
 	github.com/go-ini/ini v1.67.0 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
-	github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
+	github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/gorilla/mux v1.8.1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
@@ -65,16 +50,17 @@ require (
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/yashtewari/glob-intersection v0.2.0 // indirect
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
-	go.opentelemetry.io/otel v1.33.0 // indirect
-	go.opentelemetry.io/otel/metric v1.33.0 // indirect
+	go.opentelemetry.io/otel v1.35.0 // indirect
+	go.opentelemetry.io/otel/metric v1.35.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.33.0 // indirect
-	go.opentelemetry.io/otel/trace v1.33.0 // indirect
-	golang.org/x/crypto v0.33.0 // indirect
-	golang.org/x/net v0.35.0 // indirect
-	golang.org/x/sys v0.30.0 // indirect
-	golang.org/x/text v0.22.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
+	go.opentelemetry.io/otel/trace v1.35.0 // indirect
+	golang.org/x/crypto v0.37.0 // indirect
+	golang.org/x/net v0.38.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/text v0.24.0 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241223144023-3abc09e42ca8 // indirect
 	google.golang.org/grpc v1.69.2 // indirect
+	google.golang.org/protobuf v1.36.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )