From f6bec056d23cc3a5624e001c59de8ebba75bdc44 Mon Sep 17 00:00:00 2001
From: vj <victoria.daphnee.jeffrey@gmail.com>
Date: Thu, 26 Dec 2024 11:35:26 -0700
Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20add=20extensions=20values=20to?=
 =?UTF-8?q?=20defender=20for=20containers=20resource?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 providers/azure/resources/cloud_defender.go | 26 +++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

diff --git a/providers/azure/resources/cloud_defender.go b/providers/azure/resources/cloud_defender.go
index c0dc82ea7b..48dc775ade 100644
--- a/providers/azure/resources/cloud_defender.go
+++ b/providers/azure/resources/cloud_defender.go
@@ -7,12 +7,13 @@ import (
 	"context"
 	"errors"
 	"fmt"
+	"strings"
+
 	"go.mondoo.com/cnquery/v11/llx"
 	"go.mondoo.com/cnquery/v11/providers-sdk/v1/plugin"
 	"go.mondoo.com/cnquery/v11/providers-sdk/v1/util/convert"
 	"go.mondoo.com/cnquery/v11/providers/azure/connection"
 	"go.mondoo.com/cnquery/v11/types"
-	"strings"
 
 	"github.com/Azure/azure-sdk-for-go/sdk/azcore/arm"
 	"github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/security/armsecurity"
@@ -373,11 +374,16 @@ func (a *mqlAzureSubscriptionCloudDefenderService) defenderForContainers() (inte
 	if err != nil {
 		return nil, err
 	}
+	type extension struct {
+		Name      string `json:"name"`
+		IsEnabled bool   `json:"isEnabled"`
+	}
 
 	type defenderForContainers struct {
-		DefenderDaemonSet        bool `json:"defenderDaemonSet"`
-		AzurePolicyForKubernetes bool `json:"azurePolicyForKubernetes"`
-		Enabled                  bool `json:"enabled"`
+		DefenderDaemonSet        bool        `json:"defenderDaemonSet"`
+		AzurePolicyForKubernetes bool        `json:"azurePolicyForKubernetes"`
+		Enabled                  bool        `json:"enabled"`
+		Extensions               []extension `json:"extensions"`
 	}
 
 	kubernetesDefender := false
@@ -418,11 +424,23 @@ func (a *mqlAzureSubscriptionCloudDefenderService) defenderForContainers() (inte
 	if containersPricing.Properties.PricingTier != nil {
 		enabled = *containersPricing.Properties.PricingTier == security.PricingTierStandard
 	}
+	extensions := []extension{}
+	for _, ext := range containersPricing.Properties.Extensions {
+		if ext.IsEnabled == nil || ext.Name == nil {
+			continue
+		}
+		e := false
+		if *ext.IsEnabled == security.IsEnabledTrue {
+			e = true
+		}
+		extensions = append(extensions, extension{Name: *ext.Name, IsEnabled: e})
+	}
 
 	def := defenderForContainers{
 		DefenderDaemonSet:        arcDefender && kubernetesDefender,
 		AzurePolicyForKubernetes: arcPolicyExt && kubernetesPolicyExt,
 		Enabled:                  enabled,
+		Extensions:               extensions,
 	}
 
 	return convert.JsonToDict(def)